OAuth2.0 Quickstart Guide¶
Introduction¶
This basic example demonstrates how to get started with Copper OAuth2.0. For a detailed documentation of each step, click here.
Prerequisites¶
- Your application provides an HTTPS callback endpoint
redirect_uri
capable of receiving POST requests - You have registered your application and received your
client_id
andclient_secret
credentials
Integration¶
Once you have set up your redirect_uri
and obtained a client_id
and client_secret
,
you're ready to kick off the OAuth2.0 authorization process.
Start by adding a form to your web application that makes a GET request to https://app.copper.com/oauth/authorize
:
1 2 3 4 5 6 7 | <form action="https://app.copper.com/oauth/authorize" method="GET"> <input type="hidden" name="response_type" value="code"> <input type="hidden" name="client_id" value="{client_id}"> <input type="hidden" name="redirect_uri" value="{redirect_uri}"> <input type="hidden" name="scope" value="developer/v1/all"> <button type="submit">Integrate with Copper!</button> </form> |
When the user submits this form, the authorization process begins. First, the user will be prompted to log in to their Copper account, followed by a request to authorize your application.
Once the user clicks "Authorize", they will be redirected back to your application's redirect_uri
via a POST request.
Use the code
parameter supplied in the request body, and exchange it for an access token:
1 2 3 4 5 6 7 8 | curl -X POST \ -H "Content-Type: application/x-www-form-urlencoded" \ -d "grant_type=authorization_code" \ -d "code={code}" \ -d "redirect_uri={redirect_uri}" \ -d "client_id={client_id}" \ -d "client_secret={client_secret}" \ https://app.copper.com/oauth/token |
A successful response is a JSON document that looks like this:
1 2 3 4 5 | { "access_token": "MTQ0NjJkZmQ5OTM2NDE1ZTZjNGZmZjI3", "token_type": "Bearer", "scope": "developer/v1/all" } |
Extract access_token
and store it somewhere safe. You are now ready to make Dev API calls on behalf of the user
by passing in access_token
in an Authorization header!
1 2 | curl -H "Authorization: Bearer {access_token}" \ https://api.copper.com/developer_api/v1/account |