This resource provides a guide on how to set up OAuth 2.0 on Tyms.
Use the OAuth 2.0 protocol to implement authentication and authorization. Authorization is essential for both testing via sandbox companies and production apps.
To make API requests on behalf of a user, you need to receive and securely store an access token provided by the Tyms OAuth authorization flow. Pass this access token as a Bearer token in the Authorization header of each API request.
Tyms OAuth 2.0 endpoints are:
- <{base_url}/api/v1/oauth/authorization> for user authorization.
- <{base_url}/api/v1/oauth/access/token> for user token.
OAuth Flow
The flow to authorize users for your application is:
- Users are redirected to Tyms to request authorization of connection
- Users are redirected back to your site by Tyms
- Your application uses the user's access token to access the Tyms API
Initiate user authorization
Get the Tyms OAuth authentication widget by sending a GET request to <{base_url}/oauth/authorization> with these query parameters:
| Query Parameters | Description |
|---|---|
| reference | User unique reference on your system. |
| client_id | Your Tyms public key. |
| redirect_uri | Redirect URI you will provide in your request. |
| terms_url | Your terms and conditions URL. |
| privacy_url | Your privacy policy URL. |
For example:
```json
{
  "status": "success",
  "message": "Authorization request initiated successfully",
  "data": "https://tymsbook-web.web.app/auth/oauth?client_id=tyms_pk_2a38835c-e3c6-47fc-80b3-123c4acdc1ee&redirect_uri=https://your-callback&reference=192303&privacy_url=privacy_url&terms_url=https://terms/url"
}
```
Your application should redirect users to the URL in the response above.
Tyms will prompt the user to authorize your application.
If authorized, Tyms redirects the user to the redirect URI you've set on your Tyms dashboard with additional GET parameters:
- reference - The user reference you provided on your redirect.
- authorization_code - The authorization code that will be exchanged for an access token. It may only be used once and expires after 10 minutes.
- business_id - The ID of the business the user is authorizing on your application.
https://your-site.com/callback?reference=YOUR_CODE&authorization_code=AUTH_CODE&business_id=a123
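
One way to validate the callback above before exchanging the code, as an added example that is not Tyms code: it checks that each parameter appears exactly once, that `reference` matches the one recorded for the signed-in session, and that a replayed callback is refused. The `PendingAuthorizations` class, its method names and the session ids are hypothetical, and the store is assumed to live server-side.

```python
import hmac
from urllib.parse import urlsplit, parse_qs

# Parameters Tyms appends to the redirect URI, per the list above.
REQUIRED = ("reference", "authorization_code", "business_id")


class CallbackError(ValueError):
    """Raised when a callback must not be exchanged for a token."""


class PendingAuthorizations:
    """Hypothetical server-side store: session id -> reference awaiting a callback."""

    def __init__(self):
        self._pending = {}

    def begin(self, session_id, reference):
        # Record the reference before redirecting the user to Tyms.
        self._pending[session_id] = str(reference)

    def handle_callback(self, session_id, callback_url):
        query = parse_qs(urlsplit(callback_url).query, keep_blank_values=True)
        params = {}
        for name in REQUIRED:
            values = query.get(name, [])
            # Exactly one non-empty value: rejects missing and duplicated parameters.
            if len(values) != 1 or not values[0]:
                raise CallbackError(f"missing or duplicated parameter: {name}")
            params[name] = values[0]
        # pop() consumes the entry, so a replayed callback finds nothing pending.
        expected = self._pending.pop(session_id, None)
        if expected is None:
            raise CallbackError("no authorization pending for this session")
        # The reference is a user id, not a secret; the session binding is what
        # stops a callback meant for one user being accepted in another's session.
        if not hmac.compare_digest(expected.encode(), params["reference"].encode()):
            raise CallbackError("reference does not match this session")
        return params["authorization_code"], params["business_id"]
```
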