Authorization code flow
Connect to Kandio directly from your own application to receive the access token required for accessing Kandio's API resources. Follow the guidelines below to manage the authorization code flow.
The Authorization Code grant type is used by API applications integrating with Kandio's API to exchange an authorization code for an access token. Allow the user to trigger the authorization flow from your system by implementing the following flow:
Your system sends the username and password to Kandio's authentication server.
Kandio will respond with an access token and a refresh token for your application to use.
Your system automatically handles the continuous refresh token exchange.
Requirements and limitations
Kandio's OpenApi requires HTTPS.
Kandio's OAuth access tokens expire after 1 hour. After expiration, applications must generate a new OAuth access token using the refresh token received when the authorization was first granted.
Refresh tokens can only be used once.
Requesting tokens
POST /oauth/token
Request Body
password* (String): password
username* (String): username
client_secret* (String): client_secret
client_id* (String): client_id
password* (String): password
scope* (String): *
Refreshing tokens
POST /oauth/token
Request Body
grant_type* (String): refresh_token
client_id* (String): client_id
client_secret (String): client_secret
refresh_token* (String): refresh_token
scope* (String): *
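An added example, not Kandio's own code, of the token handling described above: one object holds the current tokens, refreshes shortly before the 1-hour expiry, and replaces the single-use refresh token on every exchange while holding a lock. The form-encoded body, grant_type=password for the first request, and the access_token / refresh_token / expires_in response fields are assumptions not stated on this page; make_fake_endpoint is a constructed stand-in so the block runs offline.

```python
import json, threading, time, urllib.parse, urllib.request

class KandioTokens:
    """Holds one valid access token and rotates the single-use refresh token."""
    def __init__(self, base_url, client_id, client_secret, post=None, clock=time.monotonic):
        if not base_url.lower().startswith("https://"):
            raise ValueError("token endpoint must use HTTPS")  # the API requires HTTPS
        self._url = base_url.rstrip("/") + "/oauth/token"
        self._client = {"client_id": client_id, "client_secret": client_secret, "scope": "*"}
        self._post = post or self._http_post
        self._clock, self._lock = clock, threading.Lock()  # lock: one refresh at a time
        self._access = self._refresh = None
        self._expires_at = 0.0

    def _http_post(self, url, fields):  # assumption: form-encoded body, JSON reply
        body = urllib.parse.urlencode(fields).encode()
        with urllib.request.urlopen(urllib.request.Request(url, data=body), timeout=10) as r:
            return json.load(r)

    def _store(self, reply):
        # Assumed RFC 6749 field names. The old refresh token is spent, so overwrite it.
        self._access, self._refresh = reply["access_token"], reply["refresh_token"]
        self._expires_at = self._clock() + reply.get("expires_in", 3600) - 60  # 60 s margin

    def login(self, username, password):
        # grant_type=password is an assumption (standard OAuth 2.0 password grant).
        creds = {"grant_type": "password", "username": username, "password": password}
        with self._lock:
            self._store(self._post(self._url, {**creds, **self._client}))

    def access_token(self):
        with self._lock:  # two threads must never present the same refresh token
            if self._refresh is None:
                raise RuntimeError("call login() first")
            if self._clock() >= self._expires_at:
                form = {"grant_type": "refresh_token", "refresh_token": self._refresh}
                self._store(self._post(self._url, {**form, **self._client}))
            return self._access

def make_fake_endpoint():
    """Constructed stand-in for POST /oauth/token that rejects a reused refresh token."""
    state = {"n": 0, "live": None}
    def post(url, fields):
        if fields["grant_type"] == "refresh_token" and fields["refresh_token"] != state["live"]:
            raise PermissionError("refresh token already used")
        state["n"] += 1
        state["live"] = f"r{state['n']}"
        return {"access_token": f"a{state['n']}", "refresh_token": state["live"], "expires_in": 3600}
    return post
```

If a refresh call fails, the stored refresh token may already be spent, so fall back to login() rather than retrying with the same token.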