Migrating from GoToConnect to LogMeIn Authentication API
LogMeIn and GoToConnect have been working towards a unified and integrated experience since merging in April 2018.
The GoToConnect Authentication API is deprecated. The end of life of this API is planned for the February 10th, 2021. Please use the LogMeIn Authentication API instead.
This page provides a description of the changes to make with little or no explanation. The same two authentication flows are still supported - implicit grant and authorization code grant flows. View the detailed LogMeIn Authentication API documentation for complete instructions and how to use the new authentication calls.
This migration affects all integrations and applications that use GoToConnect Authentication API.
Required changes
Although both the GoToConnect and LogMeIn authentication flows follow the RFC6749, there are some minor differences between them.
Implicit Grant
LogMeIn (New)
Use LogMeIn authorization endpoint to start the authentication flow:
https://authentication.logmeininc.com/oauth/authorize?
response_type=token&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}
&scope={SCOPE}%20{ANOTHER_SCOPE}&state={STATE}
Receive and handle the access token on your side:
{REDIRECT_URI}
#access_token={ACCESS_TOKEN}&token_type=Bearer
&expires_in={EXPIRATION_TIME}&principal={principal}
&scope={SCOPE}%20{ANOTHER_SCOPE}&state={STATE}
GoToConnect (Former)
IMPORTANT - these calls are deprecated and are included for comparison only.
Former GoToConnect authorization endpoint:
https://auth.jive.com/oauth2/v2/grant?
response_type=token&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}
&scope={SCOPE}%20{ANOTHER_SCOPE}&state={STATE}
Former GoToConnect authentication response:
{REDIRECT_URI}
#access_token={ACCESS_TOKEN}&type=bearer
&expires_in={EXPIRATION_TIME}
&username={USERNAME}&state={STATE}
Differences
- The authorization endpoint is
https://authentication.logmeininc.com/oauth/authorizerather thanhttps://auth.jive.com/oauth2/v2/grant. - Tokens are identified by
token_typerather thantoken. - The
expires_invalue is in seconds rather than milliseconds. - The user is identified as
principalrather thanusername.
Authorization Code Grant
LogMeIn (New)
Use LogMeIn authorization endpoint to start the authentication flow:
https://authentication.logmeininc.com/oauth/authorize?
response_type=code&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}
&scope={SCOPE}%20{ANOTHER_SCOPE}&state={STATE}
Receive the authorization code:
{REDIRECT_URI}?code={AUTHORIZATION_CODE}&state={STATE}
Request tokens:
curl https://authentication.logmeininc.com/oauth/token \
-H 'Authorization: Basic {AUTHORIZATION_TOKEN}' \
-H 'Content-Type: application/x-www-form-urlencoded' \
--data 'grant_type=authorization_code&redirect_uri={REDIRECT_URI} \
&client_id={CLIENT_ID}&code={AUTHORIZATION_CODE}'
Receive and handle the tokens on your side:
{
"access_token": "{ACCESS_TOKEN}",
"refresh_token": "{REFRESH_TOKEN}",
"token_type": "Bearer",
"expires_in": 86400,
"scope": "{SCOPE} {ANOTHER_SCOPE}"
"principal": "jive-user@jive.com"
}
Use LogMeIn token endpoint to refresh tokens:
curl https://authentication.logmeininc.com/oauth/token \
-H 'Authorization: Basic {AUTHORIZATION_TOKEN}' \
-H 'Content-Type: application/x-www-form-urlencoded' \
--data 'grant_type=refresh_token&refresh_token={REFRESH_TOKEN}'
Receive and handle the tokens on your side:
{
"access_token": "{ACCESS_TOKEN}",
"refresh_token": "{REFRESH_TOKEN}",
"token_type": "Bearer",
"expires_in": 86400,
"scope": "{SCOPE} {ANOTHER_SCOPE}"
"principal": "jive-user@jive.com"
}
GoToConnect (Former)
IMPORTANT - these calls are deprecated and are included for comparison only. Former GoToConnect authorization call:
https://auth.jive.com/oauth2/v2/grant?
response_type=code&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}
&scope={SCOPE}%20{ANOTHER_SCOPE}&state={STATE}
Former GoToConnect authentication response:
{REDIRECT_URI}?code={AUTHORIZATION_CODE}&state={STATE}
Former GoToConnect token call:
curl https://auth.jive.com/oauth2/v2/token \
-H 'Authorization: Basic {AUTHORIZATION_TOKEN}' \
-H 'Content-Type: application/x-www-form-urlencoded' \
--data 'grant_type=authorization_code&redirect_uri={REDIRECT_URI} \
&client_id={CLIENT_ID}&code={AUTHORIZATION_CODE}'
Former GoToConnect token response:
{
"access_token": "{ACCESS_TOKEN}",
"refresh_token": "{REFRESH_TOKEN}",
"token_type": "bearer",
"expires_in": 2592000000,
"username": "jive-user@jive.com"
}
Former GoToConnect refresh tokens call:
curl https://auth.jive.com/oauth2/v2/token \
-H 'Authorization: Basic {AUTHORIZATION_TOKEN}' \
-H 'Content-Type: application/x-www-form-urlencoded' \
--data 'grant_type=refresh_token&refresh_token={REFRESH_TOKEN}'
Former GoToConnect refresh tokens response:
{
"access_token": "{ACCESS_TOKEN}",
"refresh_token": "{REFRESH_TOKEN}",
"token_type": "bearer",
"expires_in": 2592000000,
"username": "jive-user@jive.com"
}
Differences
- The authorization endpoint is
https://authentication.logmeininc.com/oauth/authorizerather thanhttps://auth.jive.com/oauth2/v2/grant. - The token endpoint is
https://authentication.logmeininc.com/oauth/tokenrather thanhttps://auth.jive.com/oauth2/v2/token. - A refresh token is not always returned for authorization code grant calls. Keep the refresh token when it is returned.
- Tokens are identified by
token_typerather thantoken. - The
expires_invalue is in seconds rather than milliseconds. - The user is identified as
principalrather thanusername.
Refresh Old GoToConnect Tokens
By migrating to the LogMeIn API, all the current GoToConnect refresh tokens in your system will become invalid. That means that your users will need to sign in again in order to get a new access and refresh tokens. That will happen only once if the migration is successful. The error response that you will get if you try to exchange a GoToConnect refresh token against the LogMeIn refresh token endpoint - https://authentication.logmeininc.com/oauth/token - will be
HTTP/1.1 400 Bad Request
{
"error": "invalid_request",
"error_description": "unsupported.jwt"
}
When you get this error you need to call your sign in code to force the user to reauthenticate to LogMeIn. Note that the GoToConnect access tokens will continue to be valid on GoToConnect APIs until expiration.
Summary
| Differences | LogMeIn (New) | GoToConnect (Old) |
|---|---|---|
| Authorization endpoint | https://authentication.logmeininc.com/oauth/authorize | https://auth.jive.com/oauth2/v2/grant |
| Token endpoint | https://authentication.logmeininc.com/oauth/token | https://auth.jive.com/oauth2/v2/token |
| expires_in field | seconds | milliseconds |
| refresh_token field | might NOT be included | always present |
| Token type field | token_type | type |
| username field | principal | username |
General Comments
- You can continue to use your client information that you previously received (client id, secret and redirect uri).
- If you face any issue, you can contact our API support team at developer-support@logmein.com.
- How much do the LogMeIn APIs cost?
- How do I get started?
- How do I get support for the APIs?
- Can I access more than one product API?
- What are the rate limits for the APIs?
- How to login or create a developer account
- How to create an OAuth client
- How to obtain an access token
- How to obtain and use refresh tokens
- How to use Postman API collections
- GoToWebinar webhooks
- How to use GoToWebinar webhooks
- Date and time conventions
- Paging, Sorting & Filtering Output
- OAuth Migration Guide
- Direct Login Migration
- Migrating from GoToConnect to LogMeIn Authentication API
- Migration Guide for the Realtime API Subscription Line Types
- Introduction
- Java SDK
- .NET SDK
- SDK License Agreement