Puoi abilitare i membri dell’organizzazione ad autorizzare la tua app di OAuth.
When you build an OAuth app, implement the web application flow described below to obtain an authorization code and then exchange it for a token.
You should redirect the user to the /oauth/authorize endpoint with the following GET parameters:
Questo chiederà all’utente di approvare l’accesso dell’app al proprio profilo in base agli ambiti specificati in REQUESTED_SCOPES e poi di reindirizzarlo al REDIRECT_URI fornito creando un’app.
Nome | Valore | Descrizione |
---|---|---|
client_id | nella stringa | Richiesto. You receive Client ID for the app when you register it. |
redirect_uri | nella stringa | Richiesto. The URL in your application where users will be sent after authorization. |
response_type: code | nella stringa | Richiesto. The parameter is used for the flow specification of an OAuth app. |
scope | nella stringa | Richiesto. Select the access your app requires from the list of scopes available. You can add multiple scopes separated by spaces (no need to use quotation marks). |
state | nella stringa | An unguessable random string. Use it for extra protection against cross-site request forgery attacks. |
The following Authorization Url will be created:
After successful authorization users are redirected back to your site:
If authorization has been declined, users are redirected to your website with an error:
Se un utente autorizza l’app, Crowdin Imprese reindirizza al tuo sito e puoi scambiare il codice ricevuto per un token di accesso:
Nome | Valore | Descrizione |
---|---|---|
grant_type: authorization_code | nella stringa | Richiesto. The parameter is used for the flow specification of an OAuth app. |
client_id | nella stringa | Richiesto. You receive Client ID for the app when you register it. |
client_secret | nella stringa | Richiesto. You receive Client Secret for the app when you register it. |
redirect_uri | nella stringa | Richiesto. The URL in your application where users will be sent after authorization. |
code | nella stringa | Richiesto. Code received from the callback query string. |
For example, request in curl takes the following form:
curl -X POST \ https://accounts.crowdin.com/oauth/token \ -H "content-type: application/json" \ -d "{ \"grant_type\":\"authorization_code\", \"client_id\":\"m50YenPpqac8u5D4dnK\", \"client_secret\":\"yz35kYtjox...YE9Am\", \"redirect_uri\":\"https://impact-mobile.com/auth/crowdin\", \"code\":\"def50200df1fbb5ebac05f9288850d9e...0835bd3cf42\" }"
By default, the response takes the following form:
{
"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJS...lag1e_Zk4EdJ5diYfz0",
"token_type":"bearer",
"expires_in": 7200,
"refresh_token": "b213c684ccaa7db1217e946e6ad...fff7ae"
}
Il token di accesso ti consente ora di effettuare richieste all’API di Crowdin Imprese per conto dell’utente autorizzato.
For example, in curl you can set the following Authorization header:
curl -H "Authorization: Bearer ACCESS_TOKEN" https://<organization_domain>.api.crowdin.com/api/v2/projects
The access token received after a user authorizes the app has an expiration time. Access token expires in the number of seconds defined in the response.
To refresh a token without requiring the user to be redirected, send a POST request with the following body parameters to the authorization server:
Nome | Valore | Descrizione |
---|---|---|
grant_type: refresh_token | nella stringa | Richiesto. The parameter is used for the flow specification of an OAuth app. |
client_id | nella stringa | Richiesto. You receive Client ID for the app when you register it. |
client_secret | nella stringa | Richiesto. You receive Client Secret for the app when you register it. |
refresh_token | nella stringa | Richiesto. Refresh token received from the last authorization response. |
For example, request in curl takes the following form:
curl -X POST \ https://accounts.crowdin.com/oauth/token \ -H "content-type: application/json" \ -d "{ \"grant_type\":\"refresh_token\", \"client_id\":\"m50YenPpqac8u5D4dnK\", \"client_secret\":\"yz35kYtjox...YE9Am\", \"refresh_token\":\"b213c684ccaa7db1217e946e6ad...fff7ae\" }"
By default, the response takes the following form:
{
"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJS...ZjFkMWI4OWFlIiwiaWF",
"token_type":"bearer",
"expires_in": 7200,
"refresh_token": "ea506ea4c37aa152f0a91ed2482...4a0c567"
}
Puoi registrare uno o più URL di reindirizzamento creando un’Applicazione OAuth su Crowdin Imprese.
Per motivi di sicurezza, se l’URL non è incluso nelle informazioni dell’Applicazione non potrai reindirizzare gli utenti a quest’URL dopo l’autorizzazione.