Sandbox login
Guides

OAuth

Suggest Edits

OAuth

Veem uses OAuth2 three-legged and two-legged to provide authorized access to its API.

Steps for two-legged

Using this flow clients will obtain authorization to interact with the Veem API on its own behalf. This is a server-to-server flow with interaction between an application and the Veem API.

1 - Get Access Token

URL:

https://sandbox-api.veem.com/oauth/token

Body: x-www-form-urlencoded

grant_type : clientcredentials
_scope: all

Headers:

Authorization Basic <client_id:client_secret>

You need to base64 encode the <client_id:client_secret> tuple.

curl -X POST https://sandbox-api.veem.com/oauth/token -H "Authorization: Basic <base64-encoded-credentials>" -H "Accept: application/json" -d grant_type=client_credentials -d scope=all

{
    "access_token": "",
    "token_type": "bearer",
    "refresh_token": "",
    "expires_in": 31535999,
    "scope": "all",
    "account_id": 1,
    "user_id": 2
}

Steps for three-legged

Using this flow clients will obtain authorization to interact with the Veem API on behalf of a different user.

1 - Initiate the OAuth access call (Web Browser)

This initiates the Connect with Veem from your customer's browser. You need to use our official buttons similar to what shown below and initiate the flow using the correct parameters mentioned below. To download the button images click here.

URL:

https://sandbox-api.veem.com/oauth/authorize?client_id=my-client-id&redirect_uri=http://my-domain/oauth/code_callback&response_type=code

Query Params:

client_id : your clientid provided by Veem
_redirect_uri : the redirect uri to use in the code callback. This must match one of the urls provided when requesting the development keys
response_type : always use the value code

🚧

Encode redirect_uri

Make sure you URL encode redirect_uri to preserve the query parameters

📘

After this call the user will most likely be prompted to login. If you're a developer and using the sandbox please note that sandbox accounts and developer accounts are different, and cannot use the same email. You can create a sandbox account here

2 - Swap Request Token Code for Access Token

After the user confirms authorization your app will be redirected to the redirect_uri provide in the call along with an oauth_code ie: http://my-domain/oauth/codecallback?code=S6j71D. You need to exchange request token to access token by invoking the following API from your _server.

URL:

https://sandbox-api.veem.com/oauth/token

Body: x-www-form-urlencoded

grant_type : authorizationcode
_scope: all
code: code returned in the callback
redirect_uri: redirect_uri used in the authorize call

Headers:

Authorization Basic <client_id:client_secret>

You need to base64 encode the <client_id:client_secret> tuple.

curl -X POST https://sandbox-api.veem.com/oauth/token -H "Authorization: Basic <base64-encoded-credentials>" -H "Accept: application/json" -d grant_type=authorization_code -d code=<code> -d redirect_uri=http://my-domain/oauth/code_callback -d scope=all

{
    "access_token": "",
    "token_type": "bearer",
    "refresh_token": "",
    "expires_in": 31535999,
    "scope": "all",
    "account_id": 1,
    "user_id": 2
}

Make your first calls to the API (Server)

The access_token needs to be passed as an Authorization Header

Headers:

Authorization Bearer <access_token>

curl -X GET   https://sandbox-api.veem.com/veem/v1.0/hello   -H "Authorization: Bearer <access_token>"

Refresh Token

An API request using an expired token will return a 401 Unauthorized response indicating as such. You can call the token endpoint while passing the refresh token as a parameter to fetch a new access token.

1 - Get Access Token using Refresh Token

URL:

https://sandbox-api.veem.com/oauth/token?refresh_token=

Body: x-www-form-urlencoded

grant_type : refresh_token

Headers:

Authorization Basic <client_id:client_secret>

You need to base64 encode the <client_id:client_secret> tuple.

curl -X POST https://sandbox-api.veem.com/oauth/token?refresh_token=<refresh token> -H "Authorization: Basic <base64-encoded-credentials>" -H "Accept: application/json" -d grant_type=refresh_token

{
    "access_token": "",
    "token_type": "bearer",
    "refresh_token": "",
    "expires_in": 31535999,
    "scope": "all",
    "account_id": 1,
    "user_id": 2
}

Invalid token Error

If you get an "Invalid token" response, please try verifying first your access using the method described in the section "Make your first calls to the API (Server)" of this page. If you get the same error, please renew your token using the method described in the section "Get access token" of this page

Updated about 2 months ago