The purpose of the following article is to help with understanding the Username-Password Authentication flow when using the OAuth 2.0 Authentication method.
Leadspace provides the option to access its API using the OAuth2.0 Authentication method. For your convenience, below is the diagram of the OAuth 2.0 in Leadspace API V3. Also, below are the instructions for the authorization requests performing with the Account Management at Leadspace's side and its responses.
Messages
The request and response messages are in JSON format
Basic Authorization Process
Request type: POST
Endpoint: https://apigw.leadspace.com/oauth/authorize
Header: Content-Type application/json
Request Fields synopsis:
user |
The Program ID Leadspace provided in the credentials email. |
pass |
The Authentication Secret Leadspace provided in the credentials email. |
audience |
For API V3 services use “API_GATEWAY” |
Example:
The following information will be sent to the customer via email:
Program ID: d2224b84-969e-4bf1-8c98-3f4601b3e
Authentication secret:
Hcdisd0QXk535IW8jW5vEs6vBczNfYtz5RNm9s4frM8CRGWGhxDAiMslGlWxTk6r90gZJ
Using details above we create Authorization message body.
Request body:
{
"user": "d2224b84-969e-4bf1-8a98-3f4601b3e",
"pass" : "Hcdisd0QXk535IW8jW5vEs6vBczNfYtz5RNm9s4frM8CRGWGhxDAiMslGlWxTk6r90gZJ",
"audience" : "API_GATEWAY"
}
Response example:
{
"token": "eyJhbGciOiJIUzM4NCJ9.eyJhdWQiOizJ4cCI6MTUyMDI2MjkzNywicHJvZ3JhbUlkIjoiZDIyMjRiODQtOTY5ZS00YmYxLThjOTgtM2Y0NjlkYTAxYjNlIn0.zdauhhXPspPAQVO0WfbK1AeG9hEtJeiFJZqN0d2waAEzXWZl9wsXhOapme9bMwwN",
"refreshToken": "PJuzr74AoXfsw62GMpDFgpYrjISq",
"expiration": 1520262937
}
Response Fields synopsis:
token |
The generated token to use in the API V3 enrichment requests |
expiration |
Number of seconds (epoch) value of the expiration moment |
refreshToken |
Value to use in the 'refresh token' requests |
Refresh Token Process
Request type: PUT
Endpoint: https://apigw.leadspace.com/oauth/authorize
Header: Content-Type application/json
Request Fields synopsis:
user |
The Program ID Leadspace provided in the credentials email. |
refreshToken |
Value returned from initial authorization or using the refresh token |
Example:
{
“user”: “d222b84-989e-4bf1-8c08-3f469db3e”,
“refreshToken”: “PJuzr74BoXfsv62GMpDFgprYrjI5q”
}
Successful response with a Token
The response should be the same as in an Authorization part.
Example:
{
"token": "eyJhbGciOiJIUzM4NCJ9.eyJhdWQiOiJBUEWSIsImV4cCI6MTUyMDI2MzgyNSwicHJvZ3JhbUlkIjoiZDIyMjRiODQtOTY5ZS00YmYxLThjOTgtM2Y0NjlkYTAxYjNlIn0.KC0RC8T6ohUFhRmyjkNfunB7BUPlzclqNuG-oz1vW3gSrrvyFxHEhMKQdPfVJKIA",
"refreshToken": "dqldjchbSwri6wCfiHoTmSQi",
"expiration": 1520263825
}
*Please note that the token expires every 24 hours