apioauth-2.0oauthtwinfield

Twinfield API: how to get accesstoken using postman?


I'm trying to connect to the Twinfield API. I have registered an app in the developer portal, and created a callback URI. My call looks as follows:

https://login.twinfield.com/auth/authentication/connect/authorize?redirect_uri=https://oauth.pstmn.io/v1/callback&response_type=id_token+token&client_id=###&client_secret=#####

Link to twinfield api documentation

However I get the error stating that the client application is not known or is not authorized.

Can someone help me with this problem?


Solution

  • Think you are missing the code, see below the response_type

    &response_type=code&scope=openid+twf.user+twf.organisation+twf.organisationUser+offline_access&redirect_uri=https://oauth.pstmn.io/v1/callback&
    

    Once you've run this, you get a code and together with basic64encoding of your client_id:client_secret would profide you an access code.

    The whole request should look like:

    https://login.twinfield.com/auth/authentication/connect/authorize?client_id={xxxx}&response_type=code&scope=openid+twf.user+twf.organisation+twf.organisationUser+offline_access&redirect_uri=https://oauth.pstmn.io/v1/callback&state=SOME_RANDOM_STATE&nonce=SOME_RANDOM_NONCE
    

    for me to get this working in postman I need to copy the whole link into the browser, login there and then get from the return link the code when you see the page "Your call is authenticated"