API key exchange method
In this section we will describe a method that allows to exchange an API key for the OAuth authorization code
Exchange of API keys for the OAuth authorization code
Method
POST /oauth2/exchange_api_key
Description
This method allows to exchange an API key for the OAuth authorization code.
Authorization code will be sent to the Redirect Uri specified for your integration with the additional GET-parameter from_exchange=1.
The process of exchanging the authorization code is described in detail here.
Limitations
- Method is available for all account users
- It is possible to call this method for one user and one integration only once every 5 minutes. This limitation might be changed in future.
- Integration has to be installed on the account to call this method
- Authorization code will be sent to the Redirect Uri specified for your integration with the additional GET-parameter from_exchange=1
Request header
Content-Type: application/json
Request parameters
Parameter | Data type | Description |
---|---|---|
login | string | User’s login |
api_key | string | User’s valid API key |
client_uuid | string | UUID of the oAuth integration that will receive an authorization code |
client_secret | string | Secret key of the oAuth integration that will receive an authorization code |
state | string | State parameter that will be returned as a webhook with the authorization code. Is not a mandatory parameter. |
An example of the request
{
"login": "example@test.com",
"api_key": "xxe9YYfxx0e6axx06c6xx55249xx8bXXe11ebfxx",
"client_uuid": "0eYY11a7-aXX3-403d-a758-XXc54e2XX6a3",
"client_secret": "yuyXXG0D4ufVc9ELHk1zZEk5GGfvVJXjIHrvP3auXXaHmPZC18YYte6FOLZZkuTk"
}
HTTP response codes.
Response code | Case |
---|---|
202 | Request successful |
403 | Insufficient rights to call this method |
429 | Method is called too frequently |
400 | Invalid data given. Details are available in the request response |
Response parameters
Method does not return a body