Issue OAuth Key

Issue an OAuth key for access to our UI products

The next step after creating the user is getting the user authenticated for subsequent API calls. To get the Oauth token for the user, the refresh token from the POST user will be passed in the parameters of this call. A refresh token can also be retrieved by performing a GET on the specific user. The Oauth token will be returned in the response of this OAuth Key call and will be used in the headers of subsequent API calls to allow users to perform other actions.

API ENDPOINT

https://uat-api.synapsefi.com/v3.1/oauth/:user_id

PATH PARAMETERS

user_id :
required
string

ID of user

BODY PARAMETER

refresh_token :
required
string

The current refresh token associated with the user

scope :
array of strings

OAuth key scope

phone_number :
string

Phone number for 2FA

validation_pin :
string

Validation Pin for 2FA

Additional Tips

  • Refresh tokens expire after 10 uses and update periodically. We manage this complexity for you. To get the most recent Refresh token, do a GET on the user.
  • OAuth Keys currently expires in 2 hours. After a OAuth Key expires, you can use the refresh token to generate a new OAuth Key. When the OAuth Key is refreshed, a new refresh token might be issued as well.
  • For more information on OAuth, please see this section OAuth & Fingerprint

EXAMPLE REQUEST

POST /v3.1/oauth/5bb6ab05472e2500adffad5a HTTP/1.1
Host: uat-api.synapsefi.com
X-SP-GATEWAY: client_id_25BpgCAt3ymEJdkF8iwrKVlOqLZ071IehGTUaz6n|client_secret_bomP73QBiEHwJvO6tMCGXy8NUlgLj14xakzf50RK
X-SP-USER-IP: 127.0.0.1
X-SP-USER: |n38dj3h8NE393bv24ovoRY34kd62
Content-Type: application/json


{
    "refresh_token":"refresh_3ZPYv0UAyKQxGpW4iM0hdT7r1j2JEuzIalLceXDt"
}
body = {
  "refresh_token":"refresh_Y5beJdBLtgvply3KIzrh72UxWMEqiTNoVAfDs98G",
  "scope":[
    "USER|PATCH",
    "USER|GET",
    ...
  ]
}

user.oauth(body)
user._oauthUser({
  refresh_token: '<REFRESH_TOKEN>',
  scope: [
    ‘NODES|POST’,
    ‘NODES|GET’,
    ‘NODE|GET’,
    ‘TRANS|POST’
  ]
});
scope = [
    ‘NODES|POST’,
    ‘NODES|GET’,
    ‘NODE|GET’,
    ‘TRANS|POST’
]

user.authenticate(scope: scope)
$body = (object) [
   "refresh_token" => "refresh_ehG7YBS8ZiD0sLa6PQHMUxryovVkJzElC5gWROXq"
];

$user->ouath($body);
body := `{
    "refresh_token":"refresh_Y5beJdBLtgvply3KIzrh72UxWMEqiTNoVAfDs98G",
    "scope":[
        "USER|PATCH",
        "USER|GET",
        ...
    ]
}`

data, err := user.Authenticate(body)

EXAMPLE RESPONSE

{
    "client_id": "5ade26b4567a900029e2afd2",
    "client_name": "YY Test Account",
    "expires_at": "1539138279",
    "expires_in": "7200",
    "oauth_key": "oauth_P0RneT8ghDzcvX45FLsUE1dk0O7mpayGoirWxtKC",
    "refresh_expires_in": 9,
    "refresh_token": "refresh_3ZPYv0UAyKQxGpW4iM0hdT7r1j2JEuzIalLceXDt",
    "scope": [
        "USER|PATCH",
        "USER|GET",
        "NODES|POST",
        "NODES|GET",
        "NODE|GET",
        "NODE|PATCH",
        "NODE|DELETE",
        "TRANS|POST",
        "TRANS|GET",
        "TRAN|GET",
        "TRAN|PATCH",
        "TRAN|DELETE",
        "SUBNETS|POST",
        "SUBNETS|GET",
        "SUBNET|GET",
        "SUBNET|PATCH",
        "STATEMENTS|GET",
        "STATEMENT|GET"
    ],
    "user_id": "5bb6ab05472e2500adffad5a"
}