Climate FieldView authentication with Leaf

How to connect with Climate FieldView via Leaf



Leaf’s API is the easiest way to build with farm data.

Software developers use Leaf’s API to build and scale a wide range of products including farm optimization tools, lending products, outcome-based financing, land and input marketplaces, agronomic recommendations, traceability applications, equipment maintenance forecasting, and more.

Here is a link to Leaf’s website and docs.

In this post, we are going to show you how to easily go through Climate Field View authorization flow with Leaf, that is, get authorized to access your users’ Climate Field View data with Leaf. Let’s get to it!

 

Summary

  • Step 1: Create a developer account with Climate Field View and get your application credentials.
  • Step 2: Get your users’ Climate Field View tokens with Leaf.
  • Step 3: Add Climate Field View credentials to Leaf.

Keep in mind that this tutorial is a full walkthrough. Most of the steps presented will be done only once, meaning that subsequent calls will be much easier and faster.

Step 1: Create a developer account with Climate Field View and get your application credentials.

(if you already have a developer account with Climate, you can skip this step)

Creating a Climate Field View developer account is a very simple and automatic process, just register with this link.

0_S59qwU68mnHf2vY5

After being approved by Climate, they will provide you a clientId, a clientSecret, and an API Key. You will use these three later.

After that, you will have created your developer account and can go to the next step of this tutorial.

Step 2: Get your users’ Climate tokens with Leaf.

To get your users’ tokens to access their Climate Field View data, your application must go through Climate Field View OAuth flow. First, you need to redirect the user to a custom URL that is the Climate Field View page that will present the user the choice of authorizing your app to access their data.

At the end of this step, we will want to have retrieved your user’s climate access token and refresh token

To generate an access token and refresh token, your webapp must direct users to the “Log in with FieldView” page. Once users authenticate on the Climate FieldView site, they’ll be redirected back to your app with a code you’ll use to retrieve the required access tokens.

Here’s the Interactive login workflow:

1. The user arrives at your site and clicks a “Log in with FieldView” button. Clicking this button navigates the user’s browser to the Climate FieldView login page on climate.com. The url must be constructed this way (broken down into separate lines for easier reading):

https://climate.com/static/app-login/index.html?
client_id={client_id}&
redirect_uri={redirect_uri}&
response_type=code&
scope={scope}

 

A fully constructed url example is shown below (again, broken into separate lines to ease reading):

https://climate.com/static/app-login/index.html?
client_id=partner-dataranch&
redirect_uri=https%3A%2F%2Fleafagriculture.com.br
response_type=code&
scope=soil%3Awrite%20openid%20fields%3Aread%20farmOrganizations%3Aread%20resourceOwners%3Aread%20platform%20partnerapis
  • scope: This is the list of scopes corresponding to the endpoints you intend to call after authenticating. This list should be as specific as possible, since the user will be asked to grant permissions for each requested scope. The value must be a space-delimited, URL-encoded list (e.g., fields:read imagery:write). Here is a list of scopes corresponding to each resource/endpoint:
  • redirect_uri: The redirect_uri in the query must be a fully qualified, URL-encoded URI on your server. That’s where the code is going to be received.
  • client_id: This is the OAuth2 client ID provided to you by Climate.
  • response_type: This specifies this request is for an authorization code.

    1.1 The user enters a valid Climate FieldView username and password and clicks Log In.

    1.2 The user is then prompted to confirm that the partner app should be allowed access. This prompt is             branded with your logo. The user clicks Allow.

    1.3 The user’s browser is redirected back to your site.

2. After the user authenticates and allows access to the partner app, the redirect_uri specified in the            authorization request receives a single query parameter named code. You then use this code to                      request an access token from Climate, via a backend web service call. This temporary code, which                expires in about 1 minute, is used to generate the initial access token. 

3. Get the user’s tokens. First, you will need to calculate the authorization header for the next call. It looks like this:

Basic {base64_encode($clientId:$clientSecret)}

We've included a brief Javascript code that calculates it for you:

// let's first concatenate client_id, ":", and client_secret
var id_sec = cfv_client_id + ":" + cfv_client_secret;
// now let's encode to Base64
var id_sec_64 = btoa(id_sec);
// finally, let's concatenate with "Basic "
var authorization_code = "Basic " + id_sec_64;

To check if your code is working, make sure that given:

clientId = "leaf" and clientSecret = "agriculture"

It will generate the Authorization Header:

Basic bGVhZjphZ3JpY3VsdHVyZQo
 

 

 

 

Similar posts

Stay in the loop with all of Leaf's future insights, technical updates and latest case studies.

Subscribe to receive our monthly newsletter and newest blog posts with industry leading insights, company updates and more.