1. Submitting Your Information To Us
To begin your Authentication, we must first acquire some information to create your User account to access our API.
Fill out our Google Form Here to begin.
❗️ If you have already completed this step, do not submit again!
Once your submission has been received, we will create your User account, and Email you a OneTimeSecret link to the email specified in the Google Form that contains your:
📘 Your Username and Password will be used for both accessing your Backoffice account, and for Authenticating your API in the following steps.
2. Creating Your Code Challenge
Our authentication requires you to use a code challenge and code verifier.
Navigate to This Link to generate your
When navigated to the link above, you will be presented with 2 buttons.
Generate Code Verifier FIRST, then click
🚧 Be sure to save both your
code_challenge for upcoming steps.
3. Acquiring your
Our auth flow requires a
State parameter to be included in order to authenticate.
You can either manually create a 20+ digit string of random Alpha-Numeric values, or simply use this link to auto-generate one for you:
The link above will present you with a properly formatted random string. Simply cope/paste that value and you're good to go.
🚧 Save the generated state string for upcoming steps
4. Acquiring Your Code Parameter
In your desired browser (we recommend Firefox), enter the following URL in your search bar:
Replace the values after
code_challenge= with your unique values acquired throughout this setup.
enter and you will be presented with a Login Page:
Fill it in with the
Password you acquired from the OneTimeSecret link emailed to you.
Upon a successful login, you will be automatically redirected to a Consent page.
Upon consent, you will again be redirected, this time to the Callback URI with your
state parameter appended to the end of the URL.
Example URL Below:
Save both the
📘 At this point of the setup you should have the following data:
5. Access and Refresh Token
You are now equipped with the credentials necessary to acquire your Access and Refresh token.
This following example will be done with Postman, however can be accomplished with many other API Testing apps.
Your Authorization must be set to a
Basic Auth Type:
Fill out your Body to match below:
Below is the cURL code snippet for this request if you would rather import this into your test app:
curl -X POST \
-H 'Content-Type: application/x-www-form-urlencoded' \
-u 'YOUR_CLIENT_ID:YOUR_CLIENT_SECRET' \
-H 'cache-control: no-cache' \
Upon a successful POST, you will be given back your access_token and refresh_token.
📘 If you have any questions about this Authentication Flow please email us at firstname.lastname@example.org