In order to get an access to protected resources, your application need to pass OAuth2 authorization process and get an access token with optional refresh token depending on type of your application

Process flow for OAuth2 authorization:

  1. A call is made for an access token.
  2. Trakopolis OAuth2 authorization server processes request.
  3. An access token is provided back to you (website/mobile apps also receive a refresh token). This access token has at this time a 5 minute lifespan. It is recommended to use the access token for the timespan alloted.
  4. Once you have an access token you will create a call to an API protected resource (assets, statuses, etc.) and supply an OAuth2 authorization header that contains the information needed for a Protected Resource Request.

Implementation and workflow of first step depends on application type. If you develop Private M2M client or Web Plugin, please refer to "Private M2M and Web Plugins" section for detailed description. Documentation for external web sites or mobile application is available at "Web Site and Mobile Apps" section.