User API - Configuring OAuth
The Sharesight User API uses the OAuth 2.0 protocol. To authenticate with OAuth 2.0, we strongly recommend that you use an OAuth library in your favourite programming language.
The following OAuth 2.0 authentication endpoints are available:
HTTP verb | Endpoint |
---|---|
GET | /oauth2/authorize/:code |
GET | /oauth2/authorize |
POST | /oauth2/authorize |
PATCH | /oauth2/authorize |
PUT | /oauth2/authorize |
DELETE | /oauth2/authorize |
POST | /oauth2/token |
POST | /oauth2/revoke |
GET | /oauth2/token/info |
Obtaining your OAuth 2.0 API credentials
Contact Sharesight to request an API account. Once enabled, your OAuth 2.0 Client ID, Client Secret and your Redirect URI will be available under Account > Sharesight API. Note that API accounts can be configured by Sharesight to allow only the account owner to log in (for personal or internal business applications) or to allow any user (for published applications).
Obtaining an Access token
We recommend reading the following article by Aaron Parecki, which offers a simple explanation of the OAuth 2.0 protocol and advice for implementing it. Although we recommend using an OAuth library, we've also provided an OAuth example using cURL which details the mechanics of the OAuth 2.0 authentication flow.
Be aware that Sharesight access tokens are valid for 30 minutes and need to be refreshed frequently.
Generally we recommend that you use the authorization_code grant type. If you wish to obtain access tokens for your end users you must use this grant type. Please note that single sign on (SSO) requires an access token for the user.
If you only wish to connect to your own Sharesight account, you can use the client credentials grant type. The client credentials grant type is similar but requires making a POST request with your Client ID and Secret. The client credentials grant type also requires that your user account is linked to your API Consumer Application.
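The client credentials request and the 30-minute token lifetime described above, as an added example that is not Sharesight's own code. It assumes the standard OAuth 2.0 form parameters and response fields from RFC 6749 (grant_type, client_id, client_secret, access_token, expires_in); the host is a placeholder because this page does not give one, and the class name and the one-minute refresh margin are hypothetical.

```python
import json
import time
import urllib.parse
import urllib.request

BASE_URL = "https://api.example.invalid"  # placeholder: the page does not give the API host
TOKEN_PATH = "/oauth2/token"              # endpoint listed in the table above
DEFAULT_LIFETIME = 30 * 60                # page: access tokens are valid for 30 minutes
REFRESH_SKEW = 60                         # assumption: renew one minute before expiry


def http_post_form(url, fields):
    """POST the fields as a form body so the secret never appears in a URL."""
    body = urllib.parse.urlencode(fields).encode()
    req = urllib.request.Request(url, data=body, method="POST")
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


class ClientCredentialsToken:
    """Caches one access token and renews it shortly before it expires."""

    def __init__(self, client_id, client_secret, post=http_post_form, clock=time.monotonic):
        self._fields = {
            "grant_type": "client_credentials",
            "client_id": client_id,
            "client_secret": client_secret,
        }
        self._post, self._clock = post, clock
        self._token, self._expires_at = None, 0.0

    def get(self):
        if self._token is None or self._clock() >= self._expires_at - REFRESH_SKEW:
            reply = self._post(BASE_URL + TOKEN_PATH, self._fields)
            if "access_token" not in reply:
                # Report only the error code, never the request fields (they hold the secret).
                raise RuntimeError("token request failed: %s" % reply.get("error", "unknown"))
            self._token = reply["access_token"]
            lifetime = int(reply.get("expires_in", DEFAULT_LIFETIME))
            self._expires_at = self._clock() + lifetime
        return self._token

    def __repr__(self):
        # Keep the secret and the token out of logs and tracebacks.
        return "<ClientCredentialsToken cached=%s>" % (self._token is not None)
```

Load the Client ID and Secret from a secrets store or environment variable rather than source code, and call get() before each API request so an expired token is never sent.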