OAuth2 Flow
Overview of the flow
Get an authorization code
Initiate the flow by redirecting the user to the ReceiptHero consent page.
Redirect
If the user approves the request then the authorization server will redirect the user to the redirect URI defined in the request.
Scopes
State
To use the state parameter, define the state in JSON and encode it into Base64.
Callback
The client must make sure that the returned state matches the state value it provided to the authorization endpoint. This protects against CSRF attacks. The code expires one minute after it has been created.
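An added example, not ReceiptHero's own code: one way to build the Base64-encoded JSON state and check it in the callback. The nonce field, the session dictionary, the session key and the function names are assumptions of this example.

```python
import base64
import binascii
import hmac
import json
import secrets


def make_state(session, extra=None):
    """Build the state value: JSON encoded into Base64.

    The "nonce" field and the session key are assumptions of this example.
    """
    nonce = secrets.token_urlsafe(32)
    session["oauth_state_nonce"] = nonce  # bound to this user's session
    payload = dict(extra or {}, nonce=nonce)
    raw = json.dumps(payload, separators=(",", ":")).encode()
    # Standard Base64; percent-encode it when placing it in the redirect URL.
    return base64.b64encode(raw).decode("ascii")


def verify_state(session, returned_state):
    """Return the decoded state dict if it matches this session, else None."""
    expected = session.pop("oauth_state_nonce", None)  # single use
    if expected is None or not returned_state:
        return None
    try:
        payload = json.loads(base64.b64decode(returned_state, validate=True))
    except (binascii.Error, ValueError):
        return None  # malformed Base64 or JSON
    if not isinstance(payload, dict):
        return None
    nonce = payload.get("nonce")
    if not isinstance(nonce, str):
        return None
    # Constant-time comparison against the nonce stored before the redirect.
    if not hmac.compare_digest(nonce.encode(), expected.encode()):
        return None
    return payload
```

Exchange the authorization code only when verify_state returns a payload; a None result means the callback did not originate from a flow this session started.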
Exchange the authorization code for an access token
The client sends the previously received authorization code to the token endpoint which then returns an access token.
Request
The request can be made in either application/json or application/x-www-form-urlencoded.
Response
The returned access token is a JSON Web Token.
In the token you get the ID for this connection.
Claims
Revoke Access Token
Response OK
Response Not Found
Update existing OAuth2 connection
It is possible to update an existing OAuth2 connection by using this dedicated view.
Query Parameters
Redirect
The user is redirected back with the following query string parameters: