Authentication

Authentication

The Projecturf API utilizes OAuth2 for Authentication. 

Generating an Access Token

  1.  Log into your Projecturf account, go to the Account > Integrations sections. To enable the api and generate your Client ID and Client Secret, you'll need to enter the Redirect URl for your application. Once that's done, click the Generate Key or Generate New Key if you've already created a key and need to generate a new one. The Client ID and Client Secret are specific to your account, please don't share it with anyone.

  2. Now that you have your Client ID you need to request the authorization code. To do that, open your web browser and go to the URL below. If the CLIENT ID and REDIRECT URI are valid and match the setting within your account, you'll be presented with a screen to approve the authorization access. Once approved you will be redirected to the REDIRECT URI, passing the Authorization Code in the query string.

    https://api.projecturf.com/oauth/authorize?response_type=code&client_id=Client_ID&redirect_uri=Redirect_URI

  3. The final step is to request the Access Token (used with all of your API requests) from the Authorization Code. To request your Access Token, you'll perform the following post. Be sure to replace the highlighted values below with the Client ID and Client Secret found in your account, as well as the Authorization Code returned above. IMPORTANT: Access Tokens are essentially passwords and grant the holder access to all of your Projecturf data. It is imperative that you keep them secure.

    POST /oauth Accept: application/json Content-Type: application/json { "redirect_uri": "Redirect_URI", "client_id": "Client_ID", "client_secret": "Client_Secret", "code": "Authorization_Code", "grant_type": "authorization_code" }
      Once verified, the server will return codes as shown below.
    HTTP/1.1 200 OK
    Content-Type: application/json
    {
        "access_token": "907c762e069589c2cd2a229cdae7b8778caa9f07",
        "expires_in": 3600, 
        "refresh_token": "43018382188f462f6b0e5784dd44c36f476ccce6", 
        "scope": null, 
        "token_type": "Bearer"
    }
    Here is the same post as above, but using HTTPie and CURL.
    HTTPie
    http --auth Client_ID:Client_Secret -f POST http://api.projecturf.com/oauth grant_type=authorization_code code=Authorization_Code
    redirect_uri=Redirect_URI CURL curl -u 
    Client_ID:Client_Secret http://api.projecturf.com/oauth -d 'grant_type=authorization_code&code=Authorization_Code&redirect_uri=Redirect_URI'

  4. Now that you have been authenticated you can begin working with the API. Here's an example of submitting a request at http://api.projecturf.com for all Tasks using the Access Token returned from the above request.
    GET /tasks
    Accept: application/json
    Authorization: Bearer 907c762e069589c2cd2a229cdae7b8778caa9f07
    

Refresh Token

Access tokens have a limited lifetime of 1 hour, you can refresh a token using the refresh_token provided in the response during the authentication step.
POST /oauth
Accept: application/json
Content-Type: application/json
{
"grant_type": "refresh_token",
"refresh_token": "refresh_token",
"client_id": "Client_ID",
"client_secret": "Client_Secret"
}
The response will be something like:
HTTP/1.1 200 OK
Content-Type: application/json
{
"access_token": "f541b757d97ab773e39d6a064be95e0b5d22bad3",
"expires_in": 3600,
"scope": null,
"token_type": "Bearer"
}
Now you're ready to build your own Projecturf API.

Feedback and Knowledge Base