User API - OAuth 2.0 flow example with cURL

With OAuth 2.0 we support the following methods for retrieving an access token:

Authorization Code (example below)
Recommended approach for apps running on a web server
For authorization with your Consumer Application client_id, username and password. This is only suitable if you wish to communicate solely with your own Sharesight account.
Client Credentials
For authorization with your Consumer Application client_id and secret. This is only suitable if you wish to communicate solely with your own Sharesight account linked to the Consumer Application.
For browser-based or mobile apps where the browser/app cannot maintain the confidentiality of their client secret.

Obtaining an Access Token via grant type "Authorization Code"

The following article describes how to obtain an access token via the OAuth 2.0 Authorization Code grant type. For simplicity, it is written with cURL.

  1. Redirect the user to the Sharesight website, including your OAuth 2.0 client_id and redirect_uri (the page Sharesight will redirect to after successful authentication).
    Be aware that the redirect_uri has to match the Redirect URI from your Account Settings > Sharesight Connect page, as described in Configuring OAuth. And make sure it is URI-escaped (like
  2. After the user authorises your application, Sharesight will redirect back to your redirect URI, with the authorisation code attached as an HTTP parameter, like this
  3. Use this authorisation code to request an access token from Sharesight:

    curl -X POST -F grant_type=authorization_code -F code=8a4ea...36d8 -F redirect_uri=YOUR_REDIRECT_URI -F client_id=YOUR_CLIENT_ID -F client_secret=YOUR_CLIENT_SECRET
    Our API will return a JSON string like this

    {"access_token": "e8b9...8c9f", "token_type": "bearer", "expires_in": 1800, "refresh_token": "5ece...067c", "created_at": 1431483450 }
    where access_token is your OAuth 2.0 access token, to be used for upcoming API requests. Make sure to also save refresh_token for later usage.

API usage with the access token

Use your access token to create an Authorization header, Authorization: Bearer YOUR_ACCESS_TOKEN, and send this header with each request to the Sharesight API:

curl -H "Authorization: Bearer e8b9...8c9f"

Refreshing an Access Token

Sharesight access tokens are only valid for 30 minutes. Once a token has expired, you have to refresh it using the aforementioned refresh_token:

curl -X POST -F grant_type=refresh_token -F client_id=YOUR_CLIENT_ID -F refresh_token=YOUR_REFRESH_TOKEN
which will return a new access token:

{"access_token": "0841...0e99", "token_type": "bearer", "expires_in": 1800, "refresh_token": "04f0...b41a", "created_at": 1431396211 }
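
Client-side handling of the token pair described above, as an added example that is not Sharesight's own code: it stores the token response in an owner-only file, works out the expiry from created_at and expires_in, and builds the same refresh fields the curl call sends. The file location, the 60-second safety margin and the sample token values are assumptions; the HTTP call is left out because it needs the token endpoint URL, and the example overwrites the stored pair on every refresh because the sample refresh response carries a refresh_token of its own.

```python
import json
import os
import tempfile

SKEW = 60  # assumption: refresh this many seconds before the stated expiry

def expires_at(tok):
    """Absolute expiry as Unix time: created_at + expires_in from the response."""
    return tok["created_at"] + tok["expires_in"]

def needs_refresh(tok, now):
    return now >= expires_at(tok) - SKEW

def auth_header(tok):
    return {"Authorization": "Bearer " + tok["access_token"]}

def refresh_form(tok, client_id):
    """Form fields for the refresh request, the same ones the curl call sends."""
    return {"grant_type": "refresh_token", "client_id": client_id,
            "refresh_token": tok["refresh_token"]}

def save(path, tok):
    """Write the response atomically; mkstemp creates the file owner-only (0600)."""
    for key in ("access_token", "refresh_token", "expires_in", "created_at"):
        if key not in tok:
            raise ValueError("token response missing " + key)
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(os.path.abspath(path)))
    with os.fdopen(fd, "w") as fh:
        json.dump(tok, fh)
    os.replace(tmp, path)  # readers never see a half-written file

def load(path):
    with open(path) as fh:
        return json.load(fh)

if __name__ == "__main__":
    # Constructed responses shaped like the JSON on this page (values are not real).
    first = {"access_token": "ACCESS-1", "token_type": "bearer", "expires_in": 1800,
             "refresh_token": "REFRESH-1", "created_at": 1431483450}
    second = {"access_token": "ACCESS-2", "token_type": "bearer", "expires_in": 1800,
              "refresh_token": "REFRESH-2", "created_at": 1431485200}
    path = os.path.join(tempfile.mkdtemp(), "token.json")  # hypothetical location
    save(path, first)
    tok = load(path)
    if needs_refresh(tok, now=1431485200):
        print("POST fields:", sorted(refresh_form(tok, "YOUR_CLIENT_ID")))
        save(path, second)  # overwrite: the previous refresh_token is discarded
    print(auth_header(load(path)))
```
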