Create a Temporary Token

Temporary tokens can be created via API calls and are valid for 30 days.

Bear in mind that the permissions are propagated by the user whose credentials will be used to create the token. Take a look in the Api Users and Authorization and Authentication before proceeding with this solution for your application.

Requirements

Steps to a successful handshake

1. Create a Request Token

A Request Token is valid for 10 minutes. This will be exchanged with the Access Token, which is valid for 30 days, later on.

HTTP Parameter Value
HTTP Method POST
Endpoint /api/v4/oauth/request_token/
Headers Authorization : OAuth version 1.0 generated authorization header by using only the consumer key/secret pair.
Parameters -
Response
oauth_token=96F42ED6-3530-48C9-A361A3C95E3FC303&oauth_token_secret=some_secret

Example of the request Authorization Header:

Authorization:
OAuth 
oauth_consumer_key="XXXXXXXX-XXXX-XXXX-XXXXXXXXXXXX1EFA",
oauth_signature_method="HMAC-SHA1",
oauth_timestamp="******6814",
oauth_nonce="***9gi",
oauth_version="1.0",
oauth_signature="****************************Ebo%3D"

2. Authorize & Authenticate

During this step the user has to authorize & authenticate the Request Token. In this step the user will be redirected to the login page of your Bynder portal and the user has to enter his/her credentials. Make sure you know that the permissions of the Access Token that will be created afterwards, will be bound to the user that was used to login.

HTTP Parameter Value
HTTP Method GET
Endpoint /api/v4/oauth/authorise/
Headers -
Parameters
NameValueRequired
auth_tokenauth_token retrieved from previous requestYes
callbackprefered-redirection-urlNo
Response Redirected to the URL defined in the callback parameter. If the callback parameter is omitted, the request responds with the token.

Example Request Url:

https://integrations.getbynder.com/api/v4/oauth/authorise/?oauth_token=96F42ED6-3530-48C9-A361A3C95E3FC303&callback=https://myintegration.com/login_success

3. Exchange the Request Token for the Access Token

The result of this call is a Access Token key/secret pair which you can start using to make your API calls. Additionally, since the handshake has been completed, the Request Token is immediately expired.

HTTP Parameter Value
HTTP Method POST
Endpoint /api/v4/oauth/access_token/
Headers Authorization : OAuth version 1.0 generated authorization header by using the consumer and the request token key/secret pairs.
Parameters -
Response
oauth_token=1205FGA6-0V2E-4GC7-V9872B0DBE0CD2B9&oauth_token_secret=FB7F530FA3919BE92873587476C613144A43FB16

Example of the request Authorization Header:

Authorization:
OAuth 
oauth_consumer_key="XXXXXXXX-XXXX-XXXX-XXXXXXXXXXXX1EFA",
oauth_token="XXXXXXXX-XXXX-XXXX-XXXXXXXXXXXXC303",
oauth_signature_method="HMAC-SHA1",
oauth_timestamp="******6814",
oauth_nonce="***9gi",
oauth_version="1.0",
oauth_signature="****************************p5o%3D"