This article is part of the article serie
Setting up OAuth 2.0 - IntroductionYou can only connect to Twinfield's API using an access token. You can request an access token by using a refresh token. An access token is only valid for one hour. After it has expired you need to request a new access token.
To request an access token you need to send a POST request to this endpoint:
https://login.twinfield.com/auth/authentication/connect/token
The refresh token is connected to your client ID. Twinfield will only accept the refresh token when you can proof to Twinfield that you are the owner of your client ID. You can prove this by sending along an authorization string. Please refer to this article:
How to create an authorization stringUse the table below for the headers that you need to send along in your POST request.
Use the table below for the body that you need to send along in your POST request:
| Body | Value |
|---|
| grant_type | Use this value: refresh_token |
| refresh_token | Use the refresh token. |
If Twinfield accepted the refresh token and your authorization string, then you should receive a reply like this:
{
"access_token": "25a62e#######66f52",
"expires_in": 3600,
"token_type": "Bearer",
"refresh_token": "077e5##########722"
}
In the attachment of the introduction article you will find a Postman collection in which you will find an example of this POST request:
Setting up OAuth 2.0 - IntroductionYou might also be interested in this article:
Can I find code snippets for C#, PHP and other languages?Remember the access token and continue to the next step:
Send a request
