Authorization Code

Obtaining Credentials

🚧

Email [email protected] to request credentials so that you can access the Talkdesk APIs.

For Talkdesk AppConnect™ app providers, a client ID and secret with be provided to the customer during the installation process.

Obtaining Authorization Codes

The partner app may request an access token for a specific Talkdesk user, via a user interface (UI). This UI grants access to the user’s resources via the API.

To get an access token using the Authorization Code grant type, first an authorization code must be obtained from Talkdesk by redirecting the user to /oauth/authorize.

🚧

Talkdesk Account Name

To request the authorization code from the proper URL, Talkdesk recommends providing an interface so that the user can retrieve the Talkdesk account name (prior to this request).

Callback to Redirect URI

After authenticating with the Talkdesk platform, you are sent to the redirect URI provided on the authorization request.

These query parameters are provided as part of the callback request to the redirect URI.

Parameters

Description

Code

Authorization code that is exchanged for the access token

State

The state parameter that was provided in the authorization request - it is recommended to confirm that these values match. This is accomplished by storing the authorization request's state in the HTTP session.

Sample Request

GET https://{talkdesk-account-name}.talkdeskid.com/oauth/talkdesk HTTP/1.1

code=JqE0K105mNH9PhxCgrklIpjwp3CstGJpj3tad9TS7LxRKTbz2x8UYL2kw34Mr6&
state=3JudokjAcKrJJHxYvYYA84hLfTPj7OWnZlOXQug3jLnOCpFhBqOqoKgeGGlV7

Obtaining Access Tokens

The code parameter provided in the callback is a one-time authorization code that can be used to obtain an access token on behalf of the authenticated Talkdesk user.

To exchange the Authorization Code grant for an access token, issue a POST request to /oauth/token.

❗️

Updating an Access Token after Expiring

If you're using an Authorization Code grant, and the access token expires after 10 minutes, you must request a new token using the Refresh Token functionality.

🚧

Authentication via AppConnect

If you plan on listing your app on AppConnect, use a Signed JWT for additional security when retrieving a token.


Did this page help you?