tiny+ knowledge base
  • Welcome
  • Our pitch
  • Using tiny+
    • Getting started
      • Designing your project pipeline
      • Designing your client relationship pipeline
      • Setting up categories and tags
      • Importing your content
      • Adding your team
    • Guides
      • News Feed
      • For Me
      • Projects
      • Companies
      • Contacts
      • Assessments
      • User Permissions & Roles
    • How Tos
      • Merging duplicate records
      • Subscribing to a news feed
      • Enabling Two Factor Authentication
      • Building Lists
    • Integrations
      • SharePoint / Intranet
      • Office 365
      • Synergy
      • Mailchimp
      • Zapier
      • Custom integrations
    • Advanced topics
      • Project date fields
      • Single Sign-On (Azure)
  • API Documentation
    • Introduction
    • Getting access
      • Javascript token
      • Simple access token
      • Register a Client App
      • oAuth Authorisation process
    • Endpoints
      • Projects
      • Companies
      • Contacts
      • Enquiries
      • Team Members
      • Tasks
      • Meetings
      • Posts
Powered by GitBook
On this page
  • Create the oAuth request
  • oAuth Authorisation

Was this helpful?

  1. API Documentation
  2. Getting access

oAuth Authorisation process

We use the oAuth 2.0 Implicit workflow to grant access tokens.

Create the oAuth request

In your app, provide a Login button that makes a request, as follows.

oAuth Authorisation

GET https://api.tiny.plus/oauth/authorize

This will present a login screen and a permission screen to the user.

Query Parameters

Name
Type
Description

response_type

string

Set this to token.

client_id

string

Your app's client_id, provided by tiny+.

redirect_uri

string

Provide the full URI for redirection at the conclusion of the auth flow.

scope

string

Set this to read or readwrite, depending on your requirements.

state

string

Provide a CSRF token that we will provide back to you at the end of the auth flow. This helps protect your users from man in the middle attacks.

https://[yoururl]?token_type=Bearer&expires_in=[TTL]&access_token=[your access token]&state=[your provided CSRF token]

PreviousRegister a Client AppNextEndpoints

Last updated 5 years ago

Was this helpful?