Get Access Token

To understand how to obtain an access token and run your first API call, see the steps specified below.

  1. Log in to the Applications Admin panel, and press Create Application.

  2. Fill in the application’s details, and press Create.

  3. Now that the new OAuth2 application is created, click Configure to see the application credentials.

  4. Go to Audiences, toggle the Unauthorize switch on, select the required permissions (scopes) from the drop-down list, and save changes.

  5. Go to Settings and copy the "Application ID" / "Client ID".

  6. Now, you have an application you can provide to your customers. Your customers will need to add your application to their organization to allow the application to have access to their organization, based on the scopes that have been selected earlier. To do this in your own organization, switch to Manage Integrations tab and click Add Application there.

  7. Insert the Application ID, accept terms of usage and scopes.

  8. Now you are ready to obtain an access token for that particular organization. To do this, you will need to use the application’s credentials (application ID / client ID and client secret) along with login hints for the organization.
    You can find the application’s credentials in the Application Admin panel, and the login hint for the organization is provided by your customers, but since you just added the application to your organization in step 7 you will find the organization ID in the Manage Integrations tab.

  9. You can use the playground at https://tfso.github.io/publicapi/playground/ using the Client Credentials flow or Postman to obtain an authentication token to be able to access 24SevenOffice REST API endpoints.
    You can access Postman here: https://www.postman.com/

    If you have never used Postman before, here is a great overview that will help you get started: https://learning.postman.com/docs/introduction/overview/

  10. The endpoint for obtaining an authentication token is: https://login.24sevenoffice.com/oauth/token

    You will need your application’s credentials to run that.

    A quick way to add those to the request body in Postman is switching to x-www-form-urlencoded, turning the Bulk Edit mode on, and pasting the following: 

    grant_type:client_credentials
audience:https://api.24sevenoffice.com
client_id:
client_secret:
login_organization:

  11. Add the application’s client_id, client_secret, and login_organization now.

    To access client_id, client_secret credential, switch to Manage Applications tab and click Configure button for the application. For client_id insert the value for "Application ID" / "Client ID" and for client_secret insert Client Secret. Should you need an access token tied to your organization, switch to Manage Integrations tab, click Configure button and from Info section copy and paste the Organization ID value for login_organization.

  12. Now, send the request and receive an access token in the response body.


The access token is only valid for one organization only. If you want to access multiple organizations, you have to repeat the steps from step 6 to 9 above for each organization.