Authorize & Token
Authorize is our implementation of the OAuth 2.0 framework. It lets you integrate the latest industry-standard secure authorization methods in your app.
Retrieve authorization code
Retrieve an authorization code to be used in exchange for an access token.
Request Access Tokens
Exchange the authorization code retrieved in the previous call for an access token and a refresh token.
Get an access token and refresh token by calling our /token endpoint and passing through the authorization code from the previous call.
The access token will only be valid for the scope for which the consent has been provided. It will have an expiration of 24 hours in the sandbox environment and 15 minutes in production. You can then call our APIs by passing this token in the Authorization header.
The refresh token can be used to get a new access token if the original one expires.
If your access token has expired and your refresh token is still valid, you can exchange your refresh token for a new access token and a new refresh token.
What authorization system do you use?
All our APIs use the standard OAuth 2.0 framework.
How do I get authorized to make calls?
To get authorized to make calls, please check our Authorize documentation. It contains all the information you’ll need to implement a two-legged or three-legged OAuth flow.