Authentication

Agendize offers two types of authentication that you can choose depending on how you want to use the platform:

Your Agendize application manages multiple accounts

Agendize API uses an SSO token and API Key to allow partners to manage multiple accounts.

Overview

An Agendize Single Sign-On token is linked to a specific account. It must be used with an API Key token.

Prerequisites

To manage multiple accounts, you need to have:

  1. Access to the Agendize Developer Console with at least one active Agendize account
  2. Requested access to the SSO Token related to your account from our Support team

Usage

Once you have valid API and SSO tokens, you will be able to execute API requests by adding them to your API request header.

Request Header:

token: 91h4g3xxxxxx349540 apiKey: 3132xxxx93428

Important
You need to use the SSO token of a partner account to use the partner API. However, once you manage child accounts, you will need to use the child account's SSO token API.

Your Agendize application manages one account

Agendize API uses OAuth2 to allow Agendize users to authorize third party systems to access their data without sharing their actual login details.

Overview

OAuth2 is an authentication process allows your application to get a valid access token linked to a specific Agendize account. To authenticate your application, you will join the access token to your API requests (see "Usage" section for more).

How it works:
First, the final user will authorize your app that will allow you to get an access token and a refresh token. If the access token expires, you will use the refresh token to renew the access token.

Prerequisites

You need to have access to the Agendize Developer Console with at least one active Agendize account.

Usage

Once you get a valid access token, you should always add the access token to the API request header.

Request Header:

Authentication: Bearer 455qwddaxxxxxxdqw45aef

How to get a valid access token

When you register an Application in Agendize, we provide a Client ID and a Client Secret for this application.

Important
The Client ID is considered public information, however the Client Secret must be kept confidential.

How to get a valid access token

Once your application has the OAuth2 authentication process implemented, you will have a valid access token that your application must join as URL parameters to all API calls. Click here to see it.

Authentication Request

You need to redirect the user to the Agendize authorization page:

Required URL parameters:

Important
We will accept to redirect the user only to URLs listed in the Redirect URLs section of the Application, as found in the Developer Console.

Authorization Code

Once the user has logged in and authorized your application he is redirected to the redirect_url, with the authorization as a url parameter.

Token Request

You should now request an access token and a refresh token in exchange for the authorization code. To do so, send the request below.

Request
Required parameters
Response

The JSON formatted response is a JSON Object with the following attributes:

Example

POST request to https://api.agendize.com/o/oauth2/token with Body:

client_id=ce8d8813658b94xxxxxxxx98a68da2b0&client_secret=3563974adbxxxxxxd8a829c9d7 &grant_type=authorization_code&code=e8c511bf968d31xxxxxxc008ed6f5 &redirect_uri=https:///connectedapp.com/oauth2/callback

Response:
{ "access_token": "a7ca802f78abb85xxxxxxxxxx143b9a861", "expire_in": 86400, "refresh_token": "9f25cdc86exxxxxxxxx94225c7bd", "token_type": "Bearer" }

The access token has a limited duration and once it expires you need to get a new one. Your application would need to request a new one from the Agendize authorization server.

Your application now has a valid access token to securely call our APIs. See how.

Renew Access token

Renew Access token

New access token request

Request
POST https://app.agendize.com/o/oauth2/token
Required parameters:
Response

The JSON formatted response is a JSON Object with the following attributes:

Example

POST request to https://api.agendize.com/o/oauth2/token with Body:

client_id=ce8d8813658b94xxxxxxxx68da2b0&client_secret=3563974adb57dccd2xxxxxxxxx829c9d7 &grant_type=refresh_token&refresh_token=9f25cdc86eaxxxxxxxx1e594225c7bd

Response:
{ "access_token": "a7ca802f78abb85xxxxxxxxxx143b9a861", "expire_in": 86400, "refresh_token": "9f25cdc86exxxxxxxxx94225c7bd", "token_type": "Bearer" }

Your application now has a valid access token to securely call our APIs. See how.