OAuth 2.0 Overview
- Your company has been enabled for API Access by Rhythm Systems.
- The user account/login you plan on using to make API calls must be enabled for API Access from the Company Admin function in Rhythm. The designated account must also be granted permission to all items it intends to access via the API. Your Company Admin can set this up for you, or you can contact Rhythm Systems firstname.lastname@example.org for assistance in doing this.
Authentication for your integration starts with creating an API Client in the API Admin section of Rhythm. You'll use the Client ID and Client Secret from that app to initiate the OAuth handshake between Rhythm and your integration.
Connecting your app to Rhythm using OAuth 2.0
There are 4 main steps to connecting your integration to a customers Rhythm account using OAuth:
- Build the authentication URL for your app, and send the Rhythm user to that URL. The user will be presented with a screen that allows them to grant access to your integration.
- After the user grants access, they'll be returned to your app, with a
codeappended to the URL. Use that code and your Client Secret to get an access_token and refresh_token.
- Use that access_token to authenticate any API calls that you make for that HubSpot account.
- Once that access_token expires, use the refresh_token from Step 2 to generate a new access_token.