Switch Language

Authorize & Token

Authorize is our implementation of the OAuth 2.0 framework. It lets you integrate the latest industry-standard secure authorization methods in your app.

Endpoints Summary

get
/oauth20/authorize
Retrieve authorization code
post
/oauth20/token
Request Access Tokens

Request Access Tokens

Exchange the authorization code retrieved in the previous call for an access token and a refresh token.

  1. Authorization Code
    Get an access token and refresh token by calling our /token endpoint and passing through the authorization code from the previous call.
    The access token will only be valid for the scope for which the consent has been provided. It will have an expiration of 24 hours in the sandbox environment and 15 minutes in production. You can then call our APIs by passing this token in the Authorization header.
    The refresh token can be used to get a new access token if the original one expires.

  2. Refresh Token
    If your access token has expired and your refresh token is still valid, you can exchange your refresh token for a new access token and a new refresh token.

Post
/oauth20/token

Request

Code Samples

Headers

Content-Type
string
Example
application/x-www-form-urlencoded
Accept
string
Example
application/json

FormData Parameters

Response

FAQs

What authorization system do you use?

All our APIs use the standard OAuth 2.0 framework.

How do I get authorized to make calls?

To get authorized to make calls, please check our Authorize documentation. It contains all the information you’ll need to implement a two-legged or three-legged OAuth flow.