Pine Documentation

Setup OAuth Authentication

Learn how to use the OAuth 2.0 standard to generate access tokens to interact with the Pine API.


Last updated 8 months ago

You must set up an OAuth integration workflow if you're building an integration to access other people's data. After you complete the following steps, you can use your access token to interact with the API on behalf of that user.

Create a public application

As outlined earlier, you'll first need to create an OAuth application with the public workflow. Selecting that workflow will reveal additional inputs:

  • Organization name - This is the name of the organization that will show up during installation.

  • Organization URL - If users install your integration from the Pine user interface, they will be navigated to this URL.

  • OAuth Callback URLs - This is an allowlist of URLs to which we'll redirect the user after they approve your integration.

  • Publish application - Enabling this checkbox will make your integration visible to other Pine users.

Redirect user installation requests to Pine

You'll need to redirect your users to the following URL for them to approve your application:

https://www.pinecards.app/oauth/authorize?client_id=_&redirect_uri=_&state=_

Please populate the query parameters as appropriate for your application.

| Parameter | Description |
| --- | --- |
| client_id | The client identifier for your application. Retrievable from your application settings. |
| redirect_uri | The URL we will redirect the user to when the user has authorized your application. |
| state | A session string which we will return appended to the redirect_uri. This is useful for mitigating CSRF attacks. |

Handle the redirect URLs for users who have approved your application

Your users will be presented with the permissions that your application is requesting. If the user approves this request, we will redirect them back to your application via one of your supplied redirect_uris:

https://yourapp.com/oauth/callback?code=_&state=_

We will populate the URL with the following query parameters:

| Parameter | Description |
| --- | --- |
| code | The authorization code that you'll exchange for an access token. Expires after 5 minutes. |
| state | The same state that you supplied from the previous step. |
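
The state round trip described above, as an added example that is not part of Pine's documentation or libraries: it issues an unguessable state per install attempt, binds it to the user's session, and rejects callbacks whose state is missing, forged, expired or replayed. The `session` object (a stand-in for your server-side session), the 10-minute lifetime, the function names and the client id are assumptions.

```javascript
// Added example, not Pine's code. The session object stands in for your
// server-side session store; the client id and TTL are assumptions.
const AUTHORIZE_URL = "https://www.pinecards.app/oauth/authorize"; // from the page
const STATE_TTL_MS = 10 * 60 * 1000; // assumed lifetime of an install attempt
const webCrypto = globalThis.crypto ?? require("node:crypto").webcrypto; // older Node fallback

// Issue a fresh state, bind it to this user's session, return the redirect URL.
function beginInstall(session, clientId, redirectUri, now = Date.now()) {
  const bytes = webCrypto.getRandomValues(new Uint8Array(32));
  const state = Array.from(bytes, (b) => b.toString(16).padStart(2, "0")).join("");
  session.oauth = { state, issuedAt: now };
  const url = new URL(AUTHORIZE_URL);
  url.searchParams.set("client_id", clientId);
  url.searchParams.set("redirect_uri", redirectUri);
  url.searchParams.set("state", state);
  return url.toString();
}

// Compare two strings without stopping at the first differing character.
function sameString(a, b) {
  if (typeof a !== "string" || typeof b !== "string" || a.length !== b.length) return false;
  let diff = 0;
  for (let i = 0; i < a.length; i++) diff |= a.charCodeAt(i) ^ b.charCodeAt(i);
  return diff === 0;
}

// Check the callback Pine redirected to. Returns { ok, code } or { ok, reason }.
function handleCallback(session, callbackUrl, now = Date.now()) {
  const pending = session.oauth;
  delete session.oauth; // single use: a replayed callback finds nothing pending
  if (!pending) return { ok: false, reason: "no_pending_install" };
  if (now - pending.issuedAt > STATE_TTL_MS) return { ok: false, reason: "state_expired" };
  const params = new URL(callbackUrl).searchParams;
  if (!sameString(params.get("state"), pending.state)) {
    return { ok: false, reason: "state_mismatch" };
  }
  const code = params.get("code");
  if (!code) return { ok: false, reason: "missing_code" };
  return { ok: true, code }; // safe to exchange this code for an access token
}

// Constructed demo: a callback carrying a state this session never issued.
const demoSession = {};
console.log(beginInstall(demoSession, "example-client-id", "https://yourapp.com/oauth/callback"));
console.log(handleCallback(demoSession, "https://yourapp.com/oauth/callback?code=abc&state=forged"));
```

Only pass `code` to the token exchange when `ok` is true; any other result should end the install attempt and make the user start again.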

Exchange your authorization code for an access token

Using the code from the previous step, make a POST request to the following endpoint to retrieve your access token:

https://www.api.pinecards.app/oauth/token

Supply the following parameters as part of the body of your request:

| Parameter | Description |
| --- | --- |
| code | The authorization code from the previous step. |
| client_secret | The client secret for your application. Retrievable from your application settings. |

A successful request will return the following response with an access_token that you can now use to interact with Pine's API:

{
  "access_token": "eyJ...",
  "token_type": "Bearer"
}

Revoke an access token

You can revoke an access token by making a POST request to the following endpoint, with the access_token supplied in the body of your request:

https://api.pinecards.app/oauth/revoke

| Parameter | Description |
| --- | --- |
| access_token | The access token that you'd like to revoke. |

We'll return a status 200 if we're able to revoke your token. Otherwise, we'll return a status 401 if we cannot verify your token (e.g. expired after 5 minutes) or a status 400 if we cannot revoke the token (e.g. token was already revoked).

Pine's server library provides an easy way to interact with the API in a type-safe manner.