Home / / OAuth Authentication

OAuth Authentication

OAuth simplifies the process of obtaining an API token. When an admin user authorizes a third-party app with OAuth, the app receives a token. This token serves as the API token, enabling the app to authenticate and access Onpipeline’s APIs on behalf of the user. OAuth ensures secure access without the need to share user credentials.

As a developer you just need to send users (administrators) to the authentication form, and then request the token from the “redirect url” on your server.

1. Get Authorization Code

https://app.onpipeline.com/auth-oauth/?client_id=your_client_id&redirect_url=redirect_url_encoded

If the user successfully logs in, the browser will be redirected to the redirect_url you set when the login form was loaded. The code you need to request a Token will be passed to the redirect url in the query string.

Example:

https://yourserver/script?code=b157b972475d1f4bdf3c333354b0a506cca23917258f816abe21

State (state_check): It is possible to pass a unique session ID, which will then be returned by the verify URL by including it in state_check. The parameter is optional and can contain an alphanumeric string up to 100 characters long. This can be useful for correlating the verification response with the original request, improving security in session handling.

https://app.onpipeline.com/auth-oauth/?client_id=your_client_id&redirect_url=redirect_url_encoded&state_check=your_id

2. Get Access Token

Within your redirect url (script) you will send a GET or POST to the verify URL including:

  • Client ID – client_id
  • Client Secret – client_secret
  • Code you have received in the query string of the redirect_url – code

Verify URL:

https://app.onpipeline.com/auth-oauth/verify

The verify url will respond with a json object like the following:

{

"Client_Id":"your_client_id",
"Token":"426d0e18ea0d1ec1c9ca7e0917280d75e5769a232f6daf38b55c",
"State":"your_id" 
}

* The state_check value, if set, will be returned by the verify URL (State=state_check).

Just save the Token value into your server and use it to connect to our API. Don’t forget to redirect the user to a thank you page including detailed information about your App usage.

Sample php code for your redirect script:

$client_id = "your_client_id";
$client_secret = "your_client_secret";
$code = $_GET['code'];
$verify_url="https://app.onpipeline.com/auth-oauth/verify";
$verify_url.="?client_id=$client_id&code=$code&client_secret=$client_secret";
$response = file_get_contents($verify_url);

Register as a Developer:

To obtain your client_id and client_secret, please get in touch with support@onpipeline.com

If you have any questions or need assistance, feel free to reach out!
CONTACT US