OAuth 2.0

Before diving into integration, make sure you understand the basics of OAuth 2.0, including key concepts like authorization server, client application, resource owner, and access token. This type of solution might interest you if you are considering building a highly compliant application in terms of security, or if you are a dev partner aiming to build your own app to list in our marketplace and expose to hundreds of thousands of Expiration Reminder users.


Implement the OAuth Flow

As mentioned before, Expiration Reminder uses the OAuth 2.0 grant flow to create access tokens on behalf of users. The OAuth flow lets users authorize Expiration Reminder apps to access and manipulate data from their account. For example, an app might be authorized to renew expirations or update contacts.

The auth flow is straightforward for most web applications. Here is a general outline of the process for Expiration Reminder apps.

  1. Users attempt to install your app from our marketplace listing or on a different platform.
  2. Your app loads the Expiration Reminder authentication pop-up window.
  3. The user is prompted to authenticate with their Expiration Reminder credentials. This can be an email and password combination, Google, or Microsoft.
  4. Your app requests an access token from the Expiration Reminder Auth Server.
  5. The Expiration Reminder Auth Server validates the payload and replies with the OAuth tokens: an access token and a refresh token.
    1. The access token is a bearer token that is attached as a header in every subsequent request.
    2. The refresh token allows the Auth Server to issue a new access token if the current one has expired.
  6. The app handles the storage of the credentials and proceeds to interface with the Expiration Reminder API.
  7. For each request, the Expiration Reminder Auth Server validates the bearer (access) token and, if it is valid, the requested information is returned.
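
The client side of steps 5 to 7 can be sketched as follows. This is an added example, not Expiration Reminder's own code: `TokenStore` and `refresh_fn` are hypothetical names, `refresh_fn` stands in for the call your app makes to the Auth Server with the refresh token, the response field names are assumed to follow RFC 6749, and all token values are constructed.

```python
import time

SKEW_SECONDS = 30  # renew slightly early to tolerate clock drift and latency


class TokenStore:
    """Holds the token pair from step 5 and renews the access token on expiry."""

    def __init__(self, token_response, refresh_fn, clock=time.time):
        self._refresh_fn = refresh_fn  # hypothetical: sends the refresh token to the Auth Server
        self._clock = clock
        self._refresh = None
        self._apply(token_response)

    def _apply(self, resp):
        # Field names are assumed (RFC 6749 section 5.1), not taken from the page.
        self._access = resp["access_token"]
        # The server may rotate the refresh token; keep the old one if none is returned.
        self._refresh = resp.get("refresh_token", self._refresh)
        self._expires_at = self._clock() + int(resp["expires_in"])

    def expired(self):
        return self._clock() >= self._expires_at - SKEW_SECONDS

    def auth_header(self):
        """Header for the next API request (step 5.1), refreshing first if needed (5.2)."""
        if self.expired():
            if not self._refresh:
                raise RuntimeError("access token expired and no refresh token stored")
            self._apply(self._refresh_fn(self._refresh))
        return {"Authorization": "Bearer " + self._access}

    def __repr__(self):
        # Keep token values out of logs and tracebacks.
        return "<TokenStore expired=%s>" % self.expired()


def demo():
    now = [1000.0]  # constructed clock so the run is deterministic
    calls = []

    def fake_refresh(refresh_token):  # constructed stand-in for the Auth Server
        calls.append(refresh_token)
        return {"access_token": "access-2", "expires_in": 3600}

    first = {"access_token": "access-1", "refresh_token": "refresh-1", "expires_in": 3600}
    store = TokenStore(first, fake_refresh, clock=lambda: now[0])
    before = store.auth_header()
    now[0] += 3590  # inside the skew window, so the next call refreshes
    return before, store.auth_header(), calls, repr(store)
```

In a real app the stored pair should live in server-side or OS-protected storage rather than in plain memory or client-readable files.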