OAuth 2

Step One – Obtain Authorization Code

Redirect the user to the authorize endpoint oauth/v2/authorize:

GET /oauth/v2/authorize?
client_id=CLIENT_ID
&grant_type=authorization_code
&redirect_uri=https%3A%2F%2Fyour-redirect-uri.com%2Fcallback
&response_type=code
&state=UNIQUE_STATE_STRING

(note that the query has been wrapped for legibility)

The user will be prompted to log in. Once they do, Be1First will redirect back to the URL specified in redirect_uri with a code appended to the query.

It may look something like: https://your-redirect-uri.com/callback?code=UNIQUE_CODE_STRING&state=UNIQUE_STATE_STRING

Compare the returned state against the value you originally sent to ensure nothing has been tampered with. If the two do not match, do not use the code.

Step Two – Exchange the Code for an Access Token

Take the value of the code from Step One and immediately POST it to the access token endpoint oauth/v2/token with:

POST /oauth/v2/token
client_id=CLIENT_ID
&client_secret=CLIENT_SECRET
&grant_type=authorization_code
&redirect_uri=https%3A%2F%2Fyour-redirect-uri.com%2Fcallback
&code=UNIQUE_CODE_STRING

(note that the post body has been wrapped for legibility)

The response should be a JSON-encoded string:

{
  "access_token": "ACCESS_TOKEN",
  "expires_in": 3600,
  "token_type": "bearer",
  "scope": "",
  "refresh_token": "REFRESH_TOKEN"
}

This data should be stored in a secure location and used to authenticate API requests.
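
The two steps above on the client side, with the state check made explicit. This is an added example, not code from Be1First; the host name, the session dictionary and the function names are assumptions, and the endpoint paths and parameters are the ones shown above.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

# Assumptions (not from the Be1First documentation): host, client values, session store.
BASE = "https://be1first.example"          # placeholder host
CLIENT_ID = "CLIENT_ID"
CLIENT_SECRET = "CLIENT_SECRET"            # keep server-side only
REDIRECT_URI = "https://your-redirect-uri.com/callback"


def begin_authorization(session):
    """Step One: create a per-request state, remember it, build the redirect URL."""
    state = secrets.token_urlsafe(32)      # unguessable value tied to this session
    session["oauth_state"] = state
    query = urlencode({
        "client_id": CLIENT_ID,
        "grant_type": "authorization_code",
        "redirect_uri": REDIRECT_URI,
        "response_type": "code",
        "state": state,
    })
    return f"{BASE}/oauth/v2/authorize?{query}"


def handle_callback(session, callback_url):
    """Check state, then return the form body for POST /oauth/v2/token (Step Two)."""
    params = parse_qs(urlsplit(callback_url).query)
    expected = session.pop("oauth_state", None)    # single use: a replay finds nothing
    returned = params.get("state", [""])[0]
    # Compare as bytes in constant time; a missing or different state is rejected.
    if not expected or not hmac.compare_digest(expected.encode(), returned.encode()):
        raise ValueError("state mismatch: callback rejected")
    code = params.get("code", [""])[0]
    if not code:
        raise ValueError("callback carried no code")
    return urlencode({
        "client_id": CLIENT_ID,
        "client_secret": CLIENT_SECRET,
        "grant_type": "authorization_code",
        "redirect_uri": REDIRECT_URI,
        "code": code,
    })
```

The returned string is the request body to send to oauth/v2/token over HTTPS with Content-Type application/x-www-form-urlencoded.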