Authorization Code
Authorization Code grant allows secure access to user resources by obtaining an authorization code, exchanging it for an access token, and ensuring API security.
Getting Credentials
Request credentials so that you can access the Talkdesk APIs.
For Talkdesk AppConnect™ app providers, a client ID and secret will be provided to the customer during the installation process.
Getting Authorization Codes
The partner app may request an access token for a specific Talkdesk user, via a user interface (UI). This UI grants access to the user’s resources via the API.
To get an access token using the Authorization Code grant type, first an authorization code must be obtained from Talkdesk by redirecting the user to /oauth/authorize
.
Talkdesk Account Name
To request the authorization code from the proper URL, Talkdesk recommends providing an interface so that the user can retrieve the Talkdesk account name (prior to this request).
Callback to Redirect URI
After authenticating with the Talkdesk platform, you are sent to the redirect URI provided on the authorization request.
These query parameters are provided as part of the callback request to the redirect URI.
Parameters | Description |
---|---|
Code | Authorization code that is exchanged for the access token |
State | The state parameter that was provided in the authorization request - it is recommended to confirm that these values match. This is accomplished by storing the authorization request's state in the HTTP session. |
Sample Request
GET https://{talkdesk-account-name}.talkdeskid.com/oauth/talkdesk HTTP/1.1
code=JqE0K105mNH9PhxCgrklIpjwp3CstGJpj3tad9TS7LxRKTbz2x8UYL2kw34Mr6&
state=3JudokjAcKrJJHxYvYYA84hLfTPj7OWnZlOXQug3jLnOCpFhBqOqoKgeGGlV7
Getting Access Tokens
The code
parameter provided in the callback is a one-time authorization code that can be used to obtain an access token on behalf of the authenticated Talkdesk user.
To exchange the Authorization Code grant for an access token, issue a POST
request to /oauth/token
.
Updating an Access Token after Expiring
If you're using an Authorization Code grant, and the access token expires after 10 minutes, you must request a new token using the Refresh Token functionality.
Authentication via AppConnect
If you plan on listing your app on AppConnect, use a Signed JWT for additional security when retrieving a token.
API Reference
Troubleshooting
If you have questions or technical issues, please open a ticket using this form.
Updated 12 months ago