Authentication

Orange Logic supports multiple API authentication methods.

The most secure authentication option is OAuth 2.0, which uses a client ID and secret to generate a token. We recommend this authentication method.

You can also generate a non-expiring bearer token that is stored in the Orange Logic user account.

Both of the methods above require an Orange Logic administrator to first allow bearer authentication on the relevant user account.

There is also a basic authentication option, which uses a username and password to log in with the User login endpoint. Then, users authenticate subsequent calls with the returned token.

Warning

If you are using Orange Logic APIs to create custom integrations, use the token provided by the User login endpoint for all subsequent API calls until it expires. We strongly recommend against calling the login API before each subsequent call, as this will put unnecessary pressure on your infrastructure and might impact application performance.

ℹ️

Note

Authentication tokens are valid for only one server. Therefore, when your Orange Logic site switches from one server to another, you must reauthenticate to continue running APIs. A single environment might rely on multiple servers, and an authentication token is valid for only one site and one server.
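
One way to follow the warning and note above in an integration, as an added example that is not Orange Logic code: a small session wrapper that logs in once, reuses the token, and reauthenticates a single time when a call is rejected. The `login` and `send` callables, the class name, and the use of HTTP 401 to signal a rejected token are assumptions, and the demo data is constructed.

```python
import threading

UNAUTHORIZED = 401  # assumption: a rejected token is reported as HTTP 401


class TokenSession:
    """Cache the login token; log in again only after a rejection."""
    # login() -> token and send(token) -> (status, body) are hypothetical
    # callables supplied by the integration, not Orange Logic API names.
    def __init__(self, login):
        self._login = login
        self._token = None
        self._lock = threading.Lock()
        self.login_count = 0  # lets callers monitor login frequency

    def _get_token(self, rejected=None):
        # Refresh only if there is no token or the cached one was just
        # rejected; another thread may already have replaced it.
        with self._lock:
            if self._token is None or self._token == rejected:
                self._token = self._login()
                self.login_count += 1
            return self._token

    def call(self, send):
        token = self._get_token()
        status, body = send(token)
        if status == UNAUTHORIZED:
            # Expired token or server switch: log in once, retry once.
            status, body = send(self._get_token(rejected=token))
        return status, body


def demo():
    """Constructed scenario: five calls, server switch before the fourth."""
    state = {"valid": None, "issued": 0}
    def fake_login():
        state["issued"] += 1
        state["valid"] = f"tok-{state['issued']}"
        return state["valid"]
    def fake_send(token):
        return (200, "ok") if token == state["valid"] else (401, "denied")
    session = TokenSession(fake_login)
    statuses = []
    for i in range(5):
        if i == 3:
            state["valid"] = None  # simulated switch invalidates the token
        statuses.append(session.call(fake_send)[0])
    return statuses, session.login_count
```

The single retry keeps a persistently rejected credential from turning into a login loop, and `login_count` gives you a number to alert on if an integration starts logging in more often than expected.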

Allow bearer authentication

⚠️

Caution

To maintain system security, you cannot complete the steps below with an existing SSO user account. You have two options:

  • You can create a new user account (such as “API user”) and complete the setup described below to give that user API authentication access.
  • You can submit a support request to have Orange Logic staff change the SSO status of an existing user account. After the change is made, you can complete the last step below.

  1. Log in to the Orange Logic interface.

  2. Go to Administration > Contacts and select the account type of the user you want to authenticate.

    Administration Contacts Menu

  3. Search for the user.

  4. Click View next to the user you want to authenticate. The user’s Account information opens.

    View a user account

  5. In the SSO Status field, select Non SSO Authentication allowed.

    Non SSO Authentication allowed

  6. Select the Enable Bearer Authentication checkbox.

    Bearer Authentication checkbox