Authorization of Public PBX Applications with User Confirmation

1. The PBX application redirects the user to the authorization URL https://<hostname>/oauth/authorize, passing the authorization data as parameters of the GET request in the application/x-www-form-urlencoded format.

| Parameter | Description |
|---|---|
| response_type | The response type. Must always have the value code |
| redirect_uri | The URI that the system will use to send the response. Must match the one specified when creating the PBX application |
| client_id | App ID generated when creating the PBX app |
| scope | Scope of permissions for the PBX application. Must be set to all |

Example

https://<hostname>/oauth/authorize?response_type=code&client_id=2bb0c19ea4df4b908cf2db51a1aea86b&redirect_uri=https://testsite.com&scope=all

2. The user allows or denies the PBX application access to the system on their own behalf. If the user is not logged in to the system, they are first logged in with a username and password.

If the user allows access, the access request will not appear on subsequent authorization attempts until the user explicitly removes the permission.

3. If the user allows access, the system redirects the user to the Redirect URL of the PBX application specified during registration, passing a temporary code as a request parameter to obtain the access token:

GET https://<apphostname>/authorized?code=SpHCEr6qiCj1kZRTvEb36qZAqWqIHz

4. To get an access token, send a POST request to the system server at the URL https://<hostname>/oauth/token, using the received code:

POST https://<hostname>/oauth/token

The parameters are passed in the request body in the application/x-www-form-urlencoded format.

Request parameters

| Parameter | Description |
|---|---|
| grant_type | Must always have the value authorization_code |
| code | The temporary code for obtaining the access token, received by the PBX application in the previous step |
| redirect_uri | Redirect URI. Must match the one specified when creating the PBX application |
| client_id | App ID generated when creating the PBX app |
| client_secret | App Secret generated when creating the PBX app |

Response parameters

| Parameter | Description |
|---|---|
| access_token | Access token. Used by the PBX application for API requests |
| expires_in | The time period, in seconds, during which the token is valid. If an authorization error occurs while using the token, it is recommended to request the token again, even if the time specified in the expires_in field has not yet elapsed |
| token_type | The type of the token. Always has the value Bearer |
| refresh_token | Refresh token, which can be used to regenerate the access token when it has become invalid |
| scope | The scope of permissions for the PBX application. Set to all |

Example

curl -L -X POST 'https://<hostname>/oauth/token' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  --data-urlencode 'grant_type=authorization_code' \
  --data-urlencode 'code=aIlsm1bCglDGvQKShm0AhHrBhDyshn' \
  --data-urlencode 'client_id=a80f1e618ddd4d5584e2bd48fd404194' \
  --data-urlencode 'client_secret=a2423941f5be408c918d5f7207570990' \
  --data-urlencode 'redirect_uri=https://testsite.com'

System response:

{ "access_token": "itFyАvKhTrZDCwH2Q2oZYmo94IvOIL", "token_type": "Bearer", "expires_in": 3600, "refresh_token": "L40pLFI9hgoРlpDlFHNAvPUt0КWK0С", "scope": "all" }
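The four steps above, as an added Python example (not part of the original documentation or the PBX system's own code): it builds the authorization URL with a percent-encoded redirect_uri, accepts the temporary code only from a callback that matches the registered Redirect URL, keeps client_secret in the POST body, and validates the token response. The hostnames pbx.example and app.example, the sample credentials and all function names are assumptions made for illustration.

```python
import json
import time
from urllib.parse import urlencode, urlsplit, parse_qs

def build_authorize_url(hostname, client_id, redirect_uri):
    """Step 1: authorization URL; urlencode() percent-encodes redirect_uri."""
    query = urlencode({
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "scope": "all",
    })
    return f"https://{hostname}/oauth/authorize?{query}"

def extract_code(callback_url, redirect_uri):
    """Step 3: accept the code only from a request to the registered Redirect URL."""
    got, want = urlsplit(callback_url), urlsplit(redirect_uri)
    if (got.scheme, got.netloc, got.path) != (want.scheme, want.netloc, want.path):
        raise ValueError("callback does not match the registered redirect URI")
    codes = parse_qs(got.query).get("code", [])
    if len(codes) != 1:
        raise ValueError("expected exactly one code parameter")
    return codes[0]

def build_token_request(hostname, code, client_id, client_secret, redirect_uri):
    """Step 4: POST target, headers and form body; the secret travels in the body only."""
    body = urlencode({
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": redirect_uri,
        "client_id": client_id,
        "client_secret": client_secret,
    }).encode("ascii")
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    return f"https://{hostname}/oauth/token", headers, body

def parse_token_response(text, now=None):
    """Check the documented response fields and compute an absolute expiry time."""
    data = json.loads(text)
    required = {"access_token", "token_type", "expires_in", "refresh_token", "scope"}
    missing = required - set(data)
    if missing:
        raise ValueError(f"token response missing fields: {sorted(missing)}")
    if data["token_type"] != "Bearer":
        raise ValueError("unexpected token_type")
    now = time.time() if now is None else now
    return {**data, "expires_at": now + int(data["expires_in"])}
```

Because the page recommends requesting the token again after an authorization error even before expires_in elapses, treat expires_at as an upper bound rather than a guarantee.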

 
