Will OAuth2 works with client behind firewall

Wayne Chan-Oracle

    Hi Eloqua team,

    Want to use OAuth2 authentication to access Eloqua object from a client application behind firewall. I notice https://login.eloqua.com/auth/oauth2/authorize as well as /auth/oauth2/token endpoints require redirect_uri URLs (OAuth client in this case) to process returning authorization code (authorization grant) and eventually access token.

    I wonder if the redirect_uri is a URL from within a firewall will authorization code return connection be able to get to the redirected URL (OAuth client) through firewall.

    It is my understanding once /auth/oauth2/authorize connection is sent to Eloqua instance (acting as authorization server) a separate connection is used to send authorization code back to OAuth client using the redirect_uri value. If the redirected URL is firewall system Eloqua shouldn't have visibility to route authorization code back. This is the same for subsequent access token connection as well. If my understanding return authorization code is separate connection from initial /auth/oauth2/authorize it would mean firewall rule will be required for Eloqua authorization code return connection to connect to OAuth client (within firewall).

     

    Please advise if this is how to setup OAuth2 client for client behind firewall (company firewall).

    thanks,

     

    Wayne Chan