Get your credentials
As a user
To connect to your own workspaces, simply visit https://connect.penbox.io/authorize to get a token dedicated to a specific workspace.
Token Expiration Date
For security reason, we recommend generating a token of 1 day or less.
- Select the workspace
- Select a token longevity (e.g. 1 day)
- Select 'Get a token'
- Copy the generated token
Congratulations you successfully generated a token
As a partner: Penbox CONNECT
For external partners and providers, we put in place a CONNECT gateway that enable partners to authenticate on behalf of users and perform actions on Penbox API's.
Credentials
To be able to use the CONNECT gateway, partners require
- a
client_id
(e.g. my-super-partner) - a
client_secret
(e.g. 404D635166546A576D5A713474377721)
Both are provided by Penbox once partnership is acted.
Authorization
The first step for a partner to be able to perform actions on behalf of a Penbox user is to get the authorization from this user using a standard oAuth2 flow.
Concretely, you will add a connect your Penbox account button in your tool, that will successively:
- redirect the user on
[connect.penbox.io/authorize](http://connect.penbox.io/authorize)
, - there, allow the user to authenticate on Penbox and authorize the linking
- redirect back to your website with an authorization
code
in the url parameters
You will then use this code
to get a access_token
(and add custom_data
on Penbox side, see below).
You can find an example of a quick implementation on our developer documentation here :
You will receive a token
, and a refresh_token
, that will enable you to get back a valid token once the initial one expires. It is your responsibility to manage tokens/refresh_tokens.
The refresh_token
grant type is used by clients to exchange a refresh token for an access token when the access token has expired. This allows clients to continue to have a valid access token without further interaction with the user.
More info can be found here :
Updated about 2 months ago