Embedding authentication

As an alternative to building your own authentication flow, Polytomic Connect can handle all authentication to your customers’ systems, whether to databases, data warehouses, CRMs, cloud buckets, spreadsheets, or even arbitrary HTTP APIs. Through an API call to Polytomic Connect, you can present your users with Polytomic-generated authentication flows without worrying about building the right input form or OAuth flow.

For example, here are example modals generated by Polytomic Connect to authenticate to HubSpot and Snowflake:

Hubspot

Snowsflake


Polytomic supports many other integrations. For each one, you’re able to pop up authentication modals like the above without having to know what authentication parameters are required.

Whitelisting integrations

You can restrict the set of integrations your customers can connect to by setting the whitelist argument to an array of whitelisted integrations.

If you only want to allow one type of integration, you can pass a single string to the whitelist parameter. For example, if you only want to allow connections to Salesforce, you can pass ["salesforce"]. When the user opens the modal, they will be presented with a form to authenticate to Salesforce.

If you want to allow connections to multiple types of integrations, you can pass an array of strings to the whitelist argument (for example, ["salesforce", "hubspot"]). In this case, when the user opens the modal, they will be first be presented with a list of available integrations to choose connecting to.

Dark mode

You can pass a dark parameter to the modal to use the dark theme.

Polytomic’s authentication modals can also show your company’s logo instead of Polytomic’s. To turn this on, email an SVG file of your company’s logo to support@polytomic.com

Connect modal initialization

Steps

1

Obtain an API key

If you haven’t already, learn how to obtain an API Key.

2

Request a connect redirectURL

Call the /api/connections/connect endpoint with the desired connection types and any additional parameters. You will need to make this request every time you want a user to authenticate a new connection.

3

Open the connect modal

Open the connect modal by opening the URL returned in the redirectURL parameter.

Request parameters

NAME
TYPE
DESCRIPTION
REQUIRED
namestringThe name of the connection. Connection names must be unique within an organization.true
redirectURLstringThe URL to redirect to after the connection is authenticated.true
whiteliststring[]A list of connection types to whitelist.false
darkbooleanWhether to use the dark theme.false

Code example

Below is an example of both frontend and backend code that authenticates to PostgreSQL using the Polytomic Connect API. Note that the caller does not need any knowledge of the required authentication inputs because that is automatically handled by Polytomic Connect.


Requests should be proxied through a backend server so that the API token can be securely added to all outgoing requests. Demonstrated below are two parts broken up by frontend and backend.

1const REDIRECT_URL = "http://localhost:8080/connect_complete";
2
3async function initiatePolytomicConnect() {
4 const response = await fetch(`/_/api/connections/connect`, {
5 method: "POST",
6 mode: 'cors',
7 cache: 'no-cache',
8 credentials: 'same-origin',
9 body: JSON.stringify({
10 name: "My connection",
11 whitelist: ["salesforce", "hubspot", "marketo", "outreach"],
12 redirect_url: REDIRECT_URL,
13 dark: true,
14 }),
15 });
16 if (response.ok) {
17 const data = await response.json();
18 window.open(data.data.redirect_url, "_blank")
19 return;
20 }
21 const { error } = await response.json();
22 throw new Error(error);
23}