Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
23 commits
Select commit Hold shift + click to select a range
3c9a5d0
feat: add OAuth 2.0 support and settings UI for Phrase integration
sanyamkamat Jul 3, 2026
89f072a
feat: implement OAuth 2.0 authentication for Phrase connector with co…
sanyamkamat Jul 4, 2026
b7df556
small fixes
sanyamkamat Jul 4, 2026
360d904
feat: enhance OAuth handling with session management and UI adjustments
sanyamkamat Jul 5, 2026
2753169
feat: improve initialization handling in PhraseApi to prevent stale k…
sanyamkamat Jul 5, 2026
beb586b
feat: add admin-only configuration options for local development in P…
sanyamkamat Jul 5, 2026
04c8faf
feat: enhance OAuth connection handling with session validation and e…
sanyamkamat Jul 5, 2026
5cc01ae
feat: add apiHost override support for OAuth connection and disconnec…
sanyamkamat Jul 5, 2026
57d1bd6
delete the changeset file as we release plugin in different way
sanyamkamat Jul 5, 2026
0392c6f
feat: add OAuth Client ID configuration option and integrate into con…
sanyamkamat Jul 6, 2026
2b170f7
feat: enhance OAuth token refresh handling with error reporting
sanyamkamat Jul 6, 2026
fe840b4
feat: improve OAuth session handling by prioritizing latest expiry fo…
sanyamkamat Jul 6, 2026
94bcf59
feat: update OAuth validation logic to rely on expiry and manage sess…
sanyamkamat Jul 6, 2026
c6ff9cb
feat: improve org-specific OAuth session management to prevent state …
sanyamkamat Jul 6, 2026
f50470b
feat: refactor OAuth session management to use apiKey-scoped markers …
sanyamkamat Jul 6, 2026
3b76f5b
keep the package.json up to date with release version
sanyamkamat Jul 6, 2026
66be2c6
add the dev version
sanyamkamat Jul 6, 2026
626d7a6
feat: add readOrgPluginSetting function to streamline access to organ…
sanyamkamat Jul 6, 2026
59ac882
chore: update version to 0.0.17-1 in package.json and package-lock.json
sanyamkamat Jul 6, 2026
b71137f
feat: enhance README with detailed OAuth 2.0 authentication instructi…
sanyamkamat Jul 6, 2026
854dc46
feat: enhance OAuth authentication handling in PhraseApi class
sanyamkamat Jul 7, 2026
962ef5e
feat: improve OAuth token refresh handling in PhraseApi class
sanyamkamat Jul 7, 2026
7abd3c7
feat: refine OAuth mode determination logic in PhraseApi class
sanyamkamat Jul 7, 2026
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
73 changes: 73 additions & 0 deletions plugins/phrase-conector/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,79 @@
From the plugins tab, pick `Phrase`, it'll ask you for your phrase user name and password, make sure the user has a `Project Manager` role.
![Phrase connector configuration screen](https://cdn.builder.io/api/v1/image/assets%2F1f098a44b17d4df688d2afdc8a10ac7d%2F92e44f756ac848bca5bdc6d9459d2bfc)

## Authentication

The plugin supports two authentication modes, selected via the **Authentication** dropdown in the plugin settings:

- **Username / password** (default) — the classic flow. Enter the Phrase username and password of a user with a `Project Manager` role.
- **SSO / OAuth 2.0** — recommended for organizations that enforce SSO (where username/password login is blocked). Each organization registers its own Phrase OAuth app and connects via a login popup; no password is stored.

Both modes are fully supported. You can switch between them at any time, and switching does not delete the other mode's stored credentials.

### Switching to OAuth (SSO)

#### Prerequisites

- A Phrase TMS user with an **Administrator** profile (required both to register the OAuth app and to approve the connection).
- Your Phrase **data center**: US (`us.cloud.memsource.com`) or EU/default (`cloud.memsource.com`).

#### Part A — Register an OAuth app in Phrase

1. Sign in to Phrase TMS as an **Administrator**.
2. Go to **Settings → Integrations → Registered OAuth Apps**.
3. Create a new OAuth app.
4. Set the **Redirect URI** exactly to:
```
https://cdn.builder.io/api/v1/memsource/oauth/callback
```
If Builder gave you a custom API host, use that host with the same `/api/v1/memsource/oauth/callback` path.
5. Save the app and copy the **Client ID**. Phrase does not issue a client secret — that's expected; only the Client ID is needed.

#### Part B — Connect the Builder plugin

1. In Builder, open **Space Settings → Integrations → Phrase**.
2. Set **Authentication** to **SSO / OAuth 2.0**.
3. If your Phrase account is on the **US** data center, enable **"Account's data center is US based."**
4. Paste the **Client ID** from Part A into **OAuth Client ID**.
5. Click **Connect to Phrase**.
6. In the popup, log in with an **Administrator** profile and click **Allow**.
7. Confirm the panel shows **✓ Connected to Phrase**, then **Save** the settings.

#### How the connection works

```mermaid
sequenceDiagram
participant U as User (Builder)
participant P as Plugin UI
participant B as Builder API
participant Ph as Phrase

U->>P: Set OAuth mode + Client ID, click Connect
P->>B: POST /oauth/prepare (Client ID, data center)
B-->>P: one-time state token
P->>B: open popup /oauth/start?state=...
B->>Ph: redirect to /oauth/authorize
U->>Ph: Log in (Admin) + Allow
Ph->>B: redirect /oauth/callback?code&state
B->>Ph: exchange code for tokens
B->>B: store tokens (server-side) + clear state
B-->>P: postMessage: connected (metadata only)
P-->>U: ✓ Connected to Phrase
```

The access token is stored and used only on the Builder server; the browser only ever receives connection metadata.

#### Verify

Run a **Translate** action on any entry — it should create the Phrase project/job as usual.

#### Good to know

- Each organization registers its **own** OAuth app; the Client ID is per-org and entered in plugin settings (there is no shared, Builder-wide client).
- Phrase access tokens are short-lived (~1h) and Phrase often issues no refresh token. If a translation action reports **"Phrase OAuth session expired. Please reconnect,"** click **Connect to Phrase** again. This is uncommon day-to-day but is the expected reconnect path.
- To revert, switch **Authentication** back to **Username / password** — the previously entered credentials are still stored.
- Use **Disconnect from Phrase** in the connection panel to revoke the stored OAuth token.

## Translating content
What's being translated:
- All text elements in builder content [you can exclude specific element by right click + `exclude from future translations`]
Expand Down
75 changes: 10 additions & 65 deletions plugins/phrase-conector/package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion plugins/phrase-conector/package.json
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "@builder.io/plugin-phrase-connector",
"version": "0.0.15",
"version": "0.0.17-1",
"description": "",
"keywords": [],
"main": "dist/plugin.system.js",
Expand Down
Loading
Loading