If you are a partner with an existing API token integration, you may want to migrate your existing integration's users to a Marketplace app.
It's possible to exchange the API token to a pair of access and refresh tokens using a custom grant type. You must execute this HTTP request to the OAuth server:
In order to execute the request, your request has to be authenticated via HTTP Basic Auth with the values of
|Base 64 encoded string containing the |
Value should be
Note that authentication could also be done by providing values for
client_secretin the request body, but it's not recommended. Use it only when you cannot use HTTP Basic Auth approach.
|Since you are trying to exchange an API token to a pair of tokens, you must use value |
|API token of the user|
Have in mind that each
api_tokencan be exchanged only once, you have one chance for this operation. In case of problems, please contact [email protected]
If all data is correct, you will receive a response with the JSON data:
|JSON key name||Description|
|Access token you need to use for accessing user's data via API|
|The format of the token. Always "bearer"|
|Refresh token which is needed when you refresh |
|List of scopes selected in the app's settings|
|TTL of access token in seconds. After this time token will become invalid and you have to refresh it|
|The base URL path, including the |
When the exchange of the tokens was successful, all users who were previously using the API token integration, will receive an email notifying them about the following:
- the integration has now been update to an OAuth app,
- the OAuth app has been installed to their company,
- the user needs to confirm the permissions the app has in their account before starting to use it.
The app will also appear in the user's Settings > Tools and apps > (Integrations) > Marketplace apps page.
Now you should delete the API token, because from this point on your app must only use OAuth authentication.
Updated almost 2 years ago