HomeGuidesAPI ReferenceChangelogDiscussions
Guides

Request an authorization code

This page will teach you how your users can authorize your integration to access Factorial's API

Once you have registered your Oauth application in Factorial you will be able to let your users grant your integration access to Factorial's API. In order to do that, you will need to redirect users of your integration to the following URL:

🚧

Note

Non-admin users can perform this action, as long as they have the Oauth Application credentials.

Fetching your authorization code via the dashboard

If you need an authorization token and you don't have a full oauth flow setup in your application code, consider using the authorize button in the oauth applications dashboard. It may be quicker for your use case, to retrieve your authorization code. This is particularly useful in cases of integrations with a single user like an external API.

Note that this button will only give you authorization for a user access token

Fetching your authorization code in your application code

Copy the URL > GET and check the Params and place them with the previous information

https://api.factorialhr.com/oauth/authorize?client_id=<YOUR_CLIENT_ID>&redirect_uri=<YOUR_REDIRECT_URI>&response_type=code

YOUR_CLIENT_ID: OAuth2 Application Id
REDIRECT_URI: OAuth2 Redirect URL
https://api.factorialhr.com/oauth/authorize?client_id=<YOUR_CLIENT_ID>&redirect_uri=<YOUR_REDIRECT_URI>&response_type=code=read,write

state parameter

An optional query parameter called state can be added to the code generation url. Any string can be used and will be sent on the callback url.

Authorization protocols provide a state parameter that allows you to restore the previous state of your application. The state parameter preserves some state objects set by the client in the Authorization request and makes it available to the client in the response.

resource_owner_type parameter

πŸ“˜

User or company wide access token

Use this parameter to retrive, either a user-scoped token, or a company-wide token

An optional query parameter called resource_owner_type can be set to company to get a company Oauth token. A company OAuth token avoids problems tied to user permissions and the company's employee continuity and besides, it never expires.

https://api.factorialhr.com/oauth/authorize?client_id=>\<YOUR_CLIENT_ID>&redirect_uri=\<YOUR_REDIRECT_URI>&response_type=code&resource_owner_type=company

Further information

All the information required to build this URL is available in your OAuth application page, which you can access from the list of OAuth applications (in demo or production)

Once the access is granted and the authorization code has been displayed to the user. Your integration is in condition to request its first access token.


What’s Next