HomeGuidesAPI ReferenceChangelogDiscussions
Guides
These docs are for v1.0. Click to read the latest docs for v2024-10-01.

Request an Oauth 2 authorization code

This page will teach you how your users can authorize your integration to access Factorial's API

Once you have registered your Oauth application in Factorial you will be able to let your users grant your integration access to Factorial's API. In order to do that, you will need to redirect users of your integration to the following URL:

🚧

Note

Non-admin users can perform this action, as long as they have the Oauth Application credentials.

Fetching your authorization code via the dashboard

If you need an authorization token and you don't have a full OAuth flow setup in your application code, consider using the authorization button in the Oauth applications dashboard. It may be quicker for your use case, to retrieve your authorization code. This is particularly useful in cases of integrations with a single user like an external API.

Note that this button will only give you authorization for a user access token

Fetching your authorization code in your application code

Copy the URL > GET and check the Params and place them with the previour information

https://api.factorialhr.com/oauth/authorize?client_id=<YOUR_CLIENT_ID>&redirect_uri=<YOUR_REDIRECT_URI>&response_type=code

YOUR_CLIENT_ID: OAuth2 Application Id
REDIRECT_URI: OAuth2 Redirect URL
https://api.factorialhr.com/oauth/authorize?client_id=<YOUR_CLIENT_ID>&redirect_uri=<YOUR_REDIRECT_URI>&response_type=code=read,write

State Parameter
An optional query parameter called state can be added to the code generation url. Any string can be used and will be sent on the callback url.

resource_owner_type

An optional query parameter called resource_owner_type can be set to "company" to get a company Oauth token. As explained before a company Oauth token avoids problems tied to user permissions and the company's employee continuity and besides never expires.

https://api.factorialhr.com/oauth/authorize?client_id=<YOUR_CLIENT_ID>&redirect_uri=<YOUR_REDIRECT_URI>&response_type=code&resource_owner_type=company


Authorization protocols provide a state parameter that allows you to restore the previous state of your application. The state parameter preserves some state objects set by the client in the Authorization request and makes it available to the client in the response.

All the information required to build this URL is available in your OAuth application page, which you can access from the repository of Oauth applications.

Once the access is granted and the authorization code has been displayed to the user. Your integration is in condition to request its first access token.


What’s Next