GoTo
API Status
GoTo

Migrating from GoToConnect to LogMeIn Authentication API

LogMeIn and GoToConnect have been working towards a unified and integrated experience since merging in April 2018.

The GoToConnect Authentication API is deprecated. The end of life of this API is planned for the February 10th, 2021. Please use the LogMeIn Authentication API instead.

This page provides a description of the changes to make with little or no explanation. The same two authentication flows are still supported - implicit grant and authorization code grant flows. View the detailed LogMeIn Authentication API documentation for complete instructions and how to use the new authentication calls.

This migration affects all integrations and applications that use GoToConnect Authentication API.

Required changes

Although both the GoToConnect and LogMeIn authentication flows follow the RFC6749, there are some minor differences between them.

Implicit Grant

LogMeIn (New)

Use LogMeIn authorization endpoint to start the authentication flow:

https://authentication.logmeininc.com/oauth/authorize?
response_type=token&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}
&scope={SCOPE}%20{ANOTHER_SCOPE}&state={STATE}

Receive and handle the access token on your side:

{REDIRECT_URI}
#access_token={ACCESS_TOKEN}&token_type=Bearer
&expires_in={EXPIRATION_TIME}&principal={principal}
&scope={SCOPE}%20{ANOTHER_SCOPE}&state={STATE}

GoToConnect (Former)

IMPORTANT - these calls are deprecated and are included for comparison only.

Former GoToConnect authorization endpoint:

https://auth.jive.com/oauth2/v2/grant?
response_type=token&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}
&scope={SCOPE}%20{ANOTHER_SCOPE}&state={STATE}

Former GoToConnect authentication response:

{REDIRECT_URI}
#access_token={ACCESS_TOKEN}&type=bearer
&expires_in={EXPIRATION_TIME}
&username={USERNAME}&state={STATE}

Differences

  • The authorization endpoint is https://authentication.logmeininc.com/oauth/authorize rather than https://auth.jive.com/oauth2/v2/grant.
  • Tokens are identified by token_type rather than token.
  • The expires_in value is in seconds rather than milliseconds.
  • The user is identified as principal rather than username.

Authorization Code Grant

LogMeIn (New)

Use LogMeIn authorization endpoint to start the authentication flow:

https://authentication.logmeininc.com/oauth/authorize?
response_type=code&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}
&scope={SCOPE}%20{ANOTHER_SCOPE}&state={STATE}

Receive the authorization code:

{REDIRECT_URI}?code={AUTHORIZATION_CODE}&state={STATE}

Request tokens:

curl https://authentication.logmeininc.com/oauth/token \
-H 'Authorization: Basic {AUTHORIZATION_TOKEN}' \
-H 'Content-Type: application/x-www-form-urlencoded' \
--data 'grant_type=authorization_code&redirect_uri={REDIRECT_URI} \
&client_id={CLIENT_ID}&code={AUTHORIZATION_CODE}'

Receive and handle the tokens on your side:

{
  "access_token": "{ACCESS_TOKEN}",
  "refresh_token": "{REFRESH_TOKEN}",
  "token_type": "Bearer",
  "expires_in": 86400,
  "scope": "{SCOPE} {ANOTHER_SCOPE}"
  "principal": "jive-user@jive.com"
}

Use LogMeIn token endpoint to refresh tokens:

curl https://authentication.logmeininc.com/oauth/token \
-H 'Authorization: Basic {AUTHORIZATION_TOKEN}' \
-H 'Content-Type: application/x-www-form-urlencoded' \
--data 'grant_type=refresh_token&refresh_token={REFRESH_TOKEN}'

Receive and handle the tokens on your side:

{
  "access_token": "{ACCESS_TOKEN}",
  "refresh_token": "{REFRESH_TOKEN}",
  "token_type": "Bearer",
  "expires_in": 86400,
  "scope": "{SCOPE} {ANOTHER_SCOPE}"
  "principal": "jive-user@jive.com"
}

GoToConnect (Former)

IMPORTANT - these calls are deprecated and are included for comparison only. Former GoToConnect authorization call:

https://auth.jive.com/oauth2/v2/grant?
response_type=code&client_id={CLIENT_ID}&redirect_uri={REDIRECT_URI}
&scope={SCOPE}%20{ANOTHER_SCOPE}&state={STATE}

Former GoToConnect authentication response:

{REDIRECT_URI}?code={AUTHORIZATION_CODE}&state={STATE}

Former GoToConnect token call:

curl https://auth.jive.com/oauth2/v2/token \
-H 'Authorization: Basic {AUTHORIZATION_TOKEN}' \
-H 'Content-Type: application/x-www-form-urlencoded' \
--data 'grant_type=authorization_code&redirect_uri={REDIRECT_URI} \
&client_id={CLIENT_ID}&code={AUTHORIZATION_CODE}'

Former GoToConnect token response:

{
  "access_token": "{ACCESS_TOKEN}",
  "refresh_token": "{REFRESH_TOKEN}",
  "token_type": "bearer",
  "expires_in": 2592000000,
  "username": "jive-user@jive.com"
}

Former GoToConnect refresh tokens call:

curl https://auth.jive.com/oauth2/v2/token \
-H 'Authorization: Basic {AUTHORIZATION_TOKEN}' \
-H 'Content-Type: application/x-www-form-urlencoded' \
--data 'grant_type=refresh_token&refresh_token={REFRESH_TOKEN}'

Former GoToConnect refresh tokens response:

{
  "access_token": "{ACCESS_TOKEN}",
  "refresh_token": "{REFRESH_TOKEN}",
  "token_type": "bearer",
  "expires_in": 2592000000,
  "username": "jive-user@jive.com"
}

Differences

  • The authorization endpoint is https://authentication.logmeininc.com/oauth/authorize rather than https://auth.jive.com/oauth2/v2/grant.
  • The token endpoint is https://authentication.logmeininc.com/oauth/token rather than https://auth.jive.com/oauth2/v2/token.
  • A refresh token is not always returned for authorization code grant calls. Keep the refresh token when it is returned.
  • Tokens are identified by token_type rather than token.
  • The expires_in value is in seconds rather than milliseconds.
  • The user is identified as principal rather than username.

Refresh Old GoToConnect Tokens

By migrating to the LogMeIn API, all the current GoToConnect refresh tokens in your system will become invalid. That means that your users will need to sign in again in order to get a new access and refresh tokens. That will happen only once if the migration is successful. The error response that you will get if you try to exchange a GoToConnect refresh token against the LogMeIn refresh token endpoint - https://authentication.logmeininc.com/oauth/token - will be

HTTP/1.1 400 Bad Request
{
  "error": "invalid_request",
  "error_description": "unsupported.jwt"
}

When you get this error you need to call your sign in code to force the user to reauthenticate to LogMeIn. Note that the GoToConnect access tokens will continue to be valid on GoToConnect APIs until expiration.

Summary

Differences LogMeIn (New) GoToConnect (Old)
Authorization endpoint https://authentication.logmeininc.com/oauth/authorize https://auth.jive.com/oauth2/v2/grant
Token endpoint https://authentication.logmeininc.com/oauth/token https://auth.jive.com/oauth2/v2/token
expires_in field seconds milliseconds
refresh_token field might NOT be included always present
Token type field token_type type
username field principal username

General Comments

  • You can continue to use your client information that you previously received (client id, secret and redirect uri).
  • If you face any issue, you can contact our API support team at developer-support@logmein.com.