Create OAuth Key

OAuth Details

Key
Type
Required
Description
refresh_token
String
Required during POST
Token used to generate an OAuth Object.
scope
Array of Strings
Required during POST
Scopes denote which API calls and actions the OAuth key is allowed to do. This field is worth customizing if you will be sending the OAuth key to the client device for certain actions reducing the damage a man-in-the-middle attack can do.
​
​
​
​
Fingerprints
As fingerprints are required for OAuth key generation calls, there are options to consider related to the users fingerprint.
Key
Type
Required
Description
is_active
Boolean
Optional
Will execute the MFA flow, to allow changing of is_protected fingerprint value.
is_protected
Boolean
Optional (Requires is_active:true)
Setting to true prevents a fingerprint from being removed once the fingerprint array capacity limit is reached.
​
​
​
​
post
https://api.synapsefi.com
/v3.1/oauth/:user_id
OAuth
Example Request
HTTP
cURL
Python
JS
PHP
GO
POST /v3.1/oauth/5faa6da8f8db933dac59bdc5 HTTP/1.1
Host: uat-api.synapsefi.com
X-SP-GATEWAY: client_id_2bb1e412edd311e6bd04e285d6015267|client_secret_6zZVr8biuqGkyo9IxMO5jY2QlSp0nmD4EBAgKcJW
X-SP-USER-IP: 255.127.79.76
X-SP-USER: |e83cf6ddcf778e37bfe3d48fc78a6502062fc
Content-Type: application/json
​
{
  "refresh_token": "refresh_ydA5vGjnbHh2SipakwIMJe0TUVmKg7Dt8rBC6N1R",
  "scope": [
    "USER|PATCH",
    "USER|GET",
    "NODES|POST",
    "NODES|GET",
    "NODE|GET",
    "NODE|PATCH",
    "NODE|DELETE",
    "TRANS|POST",
    "TRANS|GET",
    "TRAN|GET",
    "TRAN|PATCH",
    "TRAN|DELETE",
    "SUBNETS|POST",
    "SUBNETS|GET",
    "SUBNET|GET",
    "SUBNET|PATCH",
    "STATEMENTS|GET",
    "STATEMENT|GET",
    "STATEMENTS|POST",
    "CONVERSATIONS|POST",
    "CONVERSATIONS|GET",
    "CONVERSATION|GET",
    "CONVERSATION|PATCH",
    "MESSAGES|POST",
    "MESSAGES|GET"
  ]
}
curl --location --request POST 'https://uat-api.synapsefi.com/v3.1/oauth/5faa6da8f8db933dac59bdc5' \
--header 'X-SP-GATEWAY: client_id_2bb1e412edd311e6bd04e285d6015267|client_secret_6zZVr8biuqGkyo9IxMO5jY2QlSp0nmD4EBAgKcJW' \
--header 'X-SP-USER-IP: 255.127.79.76' \
--header 'X-SP-USER: |e83cf6ddcf778e37bfe3d48fc78a6502062fc' \
--header 'Content-Type: application/json' \
--data-raw '{
    "refresh_token":"refresh_ydA5vGjnbHh2SipakwIMJe0TUVmKg7Dt8rBC6N1R",
    "scope":[
        "USER|PATCH",
        "USER|GET",
        "NODES|POST",
        "NODES|GET",
        "NODE|GET",
        "NODE|PATCH",
        "NODE|DELETE",
        "TRANS|POST",
        "TRANS|GET",
        "TRAN|GET",
        "TRAN|PATCH",
        "TRAN|DELETE",
        "SUBNETS|POST",
        "SUBNETS|GET",
        "SUBNET|GET",
        "SUBNET|PATCH",
        "STATEMENTS|GET",
        "STATEMENT|GET",
        "STATEMENTS|POST",
        "CONVERSATIONS|POST",
        "CONVERSATIONS|GET",
        "CONVERSATION|GET",
        "CONVERSATION|PATCH",
        "MESSAGES|POST",
        "MESSAGES|GET"
    ]
}'
​
​
​
​
​

Key	Type	Required	Description
`refresh_token`	String	Required during `POST`	Token used to generate an OAuth Object.
`scope`	Array of Strings	Required during `POST`	Scopes denote which API calls and actions the OAuth key is allowed to do. This field is worth customizing if you will be sending the OAuth key to the client device for certain actions reducing the damage a man-in-the-middle attack can do.

Key	Type	Required	Description
`is_active`	Boolean	Optional	Will execute the MFA flow, to allow changing of is_protected fingerprint value.
`is_protected`	Boolean	Optional (Requires `is_active:true)`	Setting to true prevents a fingerprint from being removed once the fingerprint array capacity limit is reached.

OAuth Object Details

Generate Refresh Token

Last modified 6mo ago