Spotfire Ideas Portal
Currently the OAuth2 client in the Spotfire Server configuration only allows for the OAuth2 authorisation code flow to access data. This is not very useful for the reasons described below. Please allow the client credentials flow as an alternative or replacement for the current solution. This means the Spotfire Server should acquire tokens and not the end user.
1 Scheduled Updates and Automation Services do not work
Since tokens are acquired on behalf of a user it's not possible to use any analyses in scheduled updates or automation services that are made using this data source. Switching the client credentials flow means that the Spotfire server can acquire tokens on behalf of itself without any user intervention.
2. Simplified Permissions Management
Not all users have access to the JDBC data. In cases where access to the data is strictly controlled, it makes much more sense to use the client credentials flow.
3. Improved Security
Authorization Code Flow: Permissions are based on user accounts, potentially granting more access than needed.
Client Credentials Flow: Permissions are tied to the service account, minimizing over-permissioning and ensuring more secure, granular access.
4. Stability for Automated Processes
Authorization Code Flow: Susceptible to disruptions from session expirations or token expiry, requiring manual re-authentication.
Client Credentials Flow: Tokens are managed automatically, ensuring continuous and stable operation without interruption.