OAuth
OAuth
Veem uses OAuth2 three-legged and two-legged to provide authorized access to its API.
Steps for two-legged
Using this flow clients will obtain authorization to interact with the Veem API on its own behalf. This is a server-to-server flow with interaction between an application and the Veem API.
1 - Get Access Token
URL:
https://sandbox-api.veem.com/oauth/token
Body: x-www-form-urlencoded
grant_type : client_credentials
scope: all
Headers:
Authorization Basic <client_id:client_secret>
You need to base64 encode the <client_id:client_secret> tuple.
curl -X POST https://sandbox-api.veem.com/oauth/token -H "Authorization: Basic <base64-encoded-credentials>" -H "Accept: application/json" -d grant_type=client_credentials -d scope=all
{
"access_token": "",
"token_type": "bearer",
"refresh_token": "",
"expires_in": 31535999,
"scope": "all",
"account_id": 1,
"user_id": 2
}
Steps for three-legged
Using this flow clients will obtain authorization to interact with the Veem API on behalf of a different user.
1 - Initiate the OAuth access call (Web Browser)
This initiates the Connect with Veem from your customer's browser. You need to use our official buttons similar to what shown below and initiate the flow using the correct parameters mentioned below. To download the button images click here.
URL:
Query Params:
client_id : your client_id provided by Veem
redirect_uri : the redirect uri to use in the code callback. This must match one of the urls provided when requesting the development keys
response_type : always use the value code
Encode redirect_uri
Make sure you URL encode redirect_uri to preserve the query parameters
After this call the user will most likely be prompted to login. If you're a developer and using the sandbox please note that sandbox accounts and developer accounts are different, and cannot use the same email. You can create a sandbox account here
2 - Swap Request Token Code for Access Token
After the user confirms authorization your app will be redirected to the redirect_uri provide in the call along with an oauth_code ie: http://my-domain/oauth/code_callback?code=S6j71D. You need to exchange request token to access token by invoking the following API from your server.
URL:
https://sandbox-api.veem.com/oauth/token
Body: x-www-form-urlencoded
grant_type : authorization_code
scope: all
code: code returned in the callback
redirect_uri: redirect_uri used in the authorize call
Headers:
Authorization Basic <client_id:client_secret>
You need to base64 encode the <client_id:client_secret> tuple.
curl -X POST https://sandbox-api.veem.com/oauth/token -H "Authorization: Basic <base64-encoded-credentials>" -H "Accept: application/json" -d grant_type=authorization_code -d code=<code> -d redirect_uri=http://my-domain/oauth/code_callback -d scope=all
{
"access_token": "",
"token_type": "bearer",
"refresh_token": "",
"expires_in": 31535999,
"scope": "all",
"account_id": 1,
"user_id": 2
}
Make your first calls to the API (Server)
The access_token needs to be passed as an Authorization Header
Headers:
Authorization Bearer <access_token>
curl -X GET https://sandbox-api.veem.com/veem/v1.0/hello -H "Authorization: Bearer <access_token>"
Refresh Token
An API request using an expired token will return a 401 Unauthorized response indicating as such. You can call the token endpoint while passing the refresh token as a parameter to fetch a new access token.
1 - Get Access Token using Refresh Token
URL:
https://sandbox-api.veem.com/oauth/token?refresh_token=
Body: x-www-form-urlencoded
grant_type : refresh_token
Headers:
Authorization Basic <client_id:client_secret>
You need to base64 encode the <client_id:client_secret> tuple.
curl -X POST https://sandbox-api.veem.com/oauth/token?refresh_token=<refresh token> -H "Authorization: Basic <base64-encoded-credentials>" -H "Accept: application/json" -d grant_type=refresh_token
{
"access_token": "",
"token_type": "bearer",
"refresh_token": "",
"expires_in": 31535999,
"scope": "all",
"account_id": 1,
"user_id": 2
}
Updated about 4 years ago