Before you create an OAuth 2.0 token for a third-party application, you need to create an account for the application in Orange Logic and authorize the application. Go to the Authorize third-party applications to make API calls article for details.

The response to this call is two tokens:

• An Access Token, which is valid for 24 hours.
• A Refresh Token, which is valid for 30 days.

Use the access token to authenticate API calls. Use the refresh token to generate a new pair of tokens when the access token expires.

• To generate a pair of tokens using an authorization code from a third-party application, run this call with the authorization_code grant type:
  • "grant_type": "authorization_code"
  • "code": "{authorization code}"
• To generate a pair of tokens using a refresh token, run this call with the refresh_token grant type:
  • "grant_type": "refresh_token"
  • "code": "{refresh token}"

ℹ️

Note

The authentication token you create for third-party applications remains active for 24 hours. The corresponding refresh token is active for 30 days. If a user doesn’t activate the integration for more than 30 days, you’ll need to re-run the call with an authorization code to create new tokens.