The Client Application is used to the differentiation of API usages and allows you to offer the same integration for multiple independent customers.
The Client ID and Client Secret is used only to connect your Application with the Cloud of Dotypos User. Provided Client ID and Client Secret should be kept private and used only for the connection of your Application.
To use the application endpoint you need to obtain Refresh Token first.
To retrieve the Refresh Token, you need to redirect user from your application to the connector page. After the successful connection user will be redirected to provided redirect_uri with query parameter token.
This Refresh Token should be stored safely in your application and used for retrieving Access Token required for all authenticated endpoints.
All query parameters except
state are required.
Client ID (received after registration)
Client Secret (received after registration)
Scope of requested access
Indicates the URI to return the user to after registration is complete
A value used to maintain state between the request and callback. The parameter is used to protect against Cross-Site Request forgery (CSRF)
User will be redirected to provided
redirect_url with extra query parameters:
Selected Cloud ID
(not provided yet)
CSRF parameter provided in redirect request
(provided only if presented in redirect request)
The access token obtained without specifying the cloud ID allows you only to Get list of clouds. Access to all other endpoints will be denied.
To get access to all endpoints you need to retrieve the Access Token for the specific cloud. This is done by specifying the cloud ID in the request body.
The returned access token will allow you to access the specified cloud only. To obtain access into another cloud you need to call the Get Access Token again with a new cloud ID.
For every authenticated request, you need to include the Access Token in the
Authorization: Bearer accessToken . This is described with every method in the API Reference section of the documentation.