Authorization Code

Authorization Code grant allows secure access to user resources by obtaining an authorization code, exchanging it for an access token, and ensuring API security.

Getting Credentials


Request credentials so that you can access the Talkdesk APIs.

For Talkdesk AppConnect™ app providers, a client ID and secret will be provided to the customer during the installation process.

Getting Authorization Codes

The partner app may request an access token for a specific Talkdesk user, via a user interface (UI). This UI grants access to the user’s resources via the API.

To get an access token using the Authorization Code grant type, first an authorization code must be obtained from Talkdesk by redirecting the user to /oauth/authorize.


Talkdesk Account Name

To request the authorization code from the proper URL, Talkdesk recommends providing an interface so that the user can retrieve the Talkdesk account name (prior to this request).

Callback to Redirect URI

After authenticating with the Talkdesk platform, you are sent to the redirect URI provided on the authorization request.

These query parameters are provided as part of the callback request to the redirect URI.

CodeAuthorization code that is exchanged for the access token
StateThe state parameter that was provided in the authorization request - it is recommended to confirm that these values match. This is accomplished by storing the authorization request's state in the HTTP session.

Sample Request

GET https://{talkdesk-account-name} HTTP/1.1


Getting Access Tokens

The code parameter provided in the callback is a one-time authorization code that can be used to obtain an access token on behalf of the authenticated Talkdesk user.

To exchange the Authorization Code grant for an access token, issue a POST request to /oauth/token.


Updating an Access Token after Expiring

If you're using an Authorization Code grant, and the access token expires after 10 minutes, you must request a new token using the Refresh Token functionality.


Authentication via AppConnect

If you plan on listing your app on AppConnect, use a Signed JWT for additional security when retrieving a token.


API Reference

Authorization Code

Authorization Code - Basic



If you have questions or technical issues, please open a ticket using this form.