OAuth 1.0a Tokens

The OAuth 1.0 Protocol with header authentication is used to provide authorized access to the API.

That means you will need pairs of consumer and token key/secret to perform calls to the API. Authentication is embedded in the token key/secret pair.

Your ultimate goal is to understand how you should create an authorization header to make a successful request.

Consumers and Tokens

Since OAuth 1.0 is being used, a consumer key and secret are required. A consumer is used for creating your tokens. To create one, you need administrator access to the Bynder portal.

In addition to the consumer, you will also need a token key and secret. A token is coupled with a consumer and a user of the portal. Thus the actions that can be performed in the API are also bound to the permissions of the token's user.

Types of Tokens

There are two different types of tokens:

  • Permanent tokens
    • Are created through the Bynder portal
    • Do not have an expiration date
    • You need administrator permissions to create them
  • Temporary tokens
    • Are created through the API
    • Are valid for 30 days
    • You need to enter the user's credentials in your browser

Create a Consumer

Follow the steps below to create a new consumer:

  1. Go to your-bynder-domain/pysettings (for example https://company.bynder.com/pysettings).
  2. Click on the API tokens link.
  3. Click on +Create new consumer.
  4. Enter a name for the new consumer and click Create.
  5. Copy the consumer key and consumer secret to your clipboard.
  6. Your consumer has been created. Once you have saved the information, click OK.

Create a Permanent Token

Follow the steps below:

  1. Go to your-bynder-domain/pysettings (for example https://company.bynder.com/pysettings).
  2. Click on the API tokens link.
  3. Click on +Create new token.
  4. Select the user you want to attach to your token (start typing for results to appear).
  5. Select the consumer you want to use and click Create.
  6. Copy the token key and token secret to your clipboard.
  7. Your token has been created. Once you have saved the information, click OK.

Create a Temporary Token

Temporary tokens can be created via API calls and are valid for 30 days.

Bear in mind that the token inherits the permissions of the user whose credentials are used to create it. Take a look at Api Users and Authorization and Authentication before proceeding with this solution for your application.

Requirements

  • A valid consumer key/secret pair
  • User credentials with which you can log in to the Bynder portal

Steps to a successful handshake

1. Create a Request Token

A Request Token is valid for 10 minutes. It is later exchanged for the Access Token, which is valid for 30 days.

| HTTP Parameter | Value |
|---|---|
| HTTP Method | POST |
| Endpoint | /api/v4/oauth/request_token/ |
| Headers | Authorization: OAuth version 1.0 authorization header generated using only the consumer key/secret pair. |
| Parameters | - |
| Response | oauth_token=96F42ED6-3530-48C9-A361A3C95E3FC303&oauth_token_secret=some_secret |

Example of the request Authorization Header:

Authorization:OAuth oauth_consumer_key="XXXXXXXX-XXXX-XXXX-XXXXXXXXXXXX1EFA",oauth_signature_method="HMAC-SHA1",oauth_timestamp="******6814",oauth_nonce="***9gi",oauth_version="1.0",oauth_signature="****************************Ebo%3D"

2. Authorize & Authenticate

During this step the user has to authorize and authenticate the Request Token. The user is redirected to the login page of your Bynder portal and has to enter their credentials. Keep in mind that the permissions of the Access Token created afterwards will be bound to the user who logged in.

Make the following request with a browser, so that the user can enter their credentials.

| HTTP Parameter | Value |
|---|---|
| HTTP Method | GET |
| Endpoint | /api/v4/oauth/authorise/ |
| Headers | - |

Parameters:

| Name | Value | Required |
|---|---|---|
| auth_token | auth_token retrieved from previous request | Yes |
| callback | preferred-redirection-url | No |

Response: Redirected to the URL defined in the callback parameter. If the callback parameter is omitted, the request responds with the token.

Example Request URL:

https://integrations.getbynder.com/api/v4/oauth/authorise/?oauth_token=96F42ED6-3530-48C9-A361A3C95E3FC303&callback=https://myintegration.com/login_success

3. Exchange the Request Token for the Access Token

The result of this call is an Access Token key/secret pair which you can start using to make your API calls. Additionally, since the handshake has been completed, the Request Token expires immediately.

| HTTP Parameter | Value |
|---|---|
| HTTP Method | POST |
| Endpoint | /api/v4/oauth/access_token/ |
| Headers | Authorization: OAuth version 1.0 authorization header generated using the consumer and the request token key/secret pairs. |
| Parameters | - |
| Response | oauth_token=1205FGA6-0V2E-4GC7-V9872B0DBE0CD2B9&oauth_token_secret=FB7F530FA3919BE92873587476C613144A43FB16 |

Example of the request Authorization Header:

Authorization:OAuth oauth_consumer_key="XXXXXXXX-XXXX-XXXX-XXXXXXXXXXXX1EFA",oauth_token="XXXXXXXX-XXXX-XXXX-XXXXXXXXXXXXC303",oauth_signature_method="HMAC-SHA1",oauth_timestamp="******6814",oauth_nonce="***9gi",oauth_version="1.0",oauth_signature="****************************p5o%3D"
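
How the two example headers above are signed, as an added Python example (not Bynder's own code): it follows the standard OAuth 1.0 HMAC-SHA1 procedure from RFC 5849, signing step 1 with the consumer pair alone and step 3 with the consumer and request token pairs. The function names and the key/secret values are constructed for illustration; company.bynder.com is the example portal host used earlier on this page.

```python
import base64, hashlib, hmac, secrets, time
from urllib.parse import parse_qsl, quote

def pct(value):
    """Percent-encode as OAuth 1.0 requires: only RFC 3986 unreserved chars stay literal."""
    return quote(str(value), safe="-._~")

def signature_base_string(method, url, params):
    """METHOD & encoded URL & encoded, sorted parameter string (URL must carry no query)."""
    pairs = sorted((pct(k), pct(v)) for k, v in params.items())
    normalized = "&".join(f"{k}={v}" for k, v in pairs)
    return "&".join([method.upper(), pct(url), pct(normalized)])

def authorization_header(method, url, consumer_key, consumer_secret,
                         token_key=None, token_secret="", nonce=None, timestamp=None):
    """Build the OAuth HMAC-SHA1 header; omit the token pair for the request_token call."""
    oauth = {
        "oauth_consumer_key": consumer_key,
        "oauth_signature_method": "HMAC-SHA1",
        "oauth_timestamp": str(int(time.time()) if timestamp is None else timestamp),
        "oauth_nonce": nonce or secrets.token_hex(16),  # fresh random value per request
        "oauth_version": "1.0",
    }
    if token_key:
        oauth["oauth_token"] = token_key
    # Signing key is both secrets joined by "&"; the token part is empty in step 1.
    key = f"{pct(consumer_secret)}&{pct(token_secret)}".encode()
    base = signature_base_string(method, url, oauth).encode()
    digest = hmac.new(key, base, hashlib.sha1).digest()
    oauth["oauth_signature"] = base64.b64encode(digest).decode()
    return "OAuth " + ",".join(f'{k}="{pct(v)}"' for k, v in oauth.items())

def parse_token_response(body):
    """Split an 'oauth_token=...&oauth_token_secret=...' response body into (key, secret)."""
    fields = dict(parse_qsl(body, strict_parsing=True))
    return fields["oauth_token"], fields["oauth_token_secret"]

if __name__ == "__main__":
    base = "https://company.bynder.com/api/v4/oauth"  # example portal host from this page
    ck, cs = "CONSUMER-KEY-PLACEHOLDER", "consumer-secret-placeholder"  # constructed values
    # Step 1: sign with the consumer pair only.
    print(authorization_header("POST", f"{base}/request_token/", ck, cs))
    # Constructed response body in the format shown in step 1.
    rt, rts = parse_token_response("oauth_token=REQ-TOKEN&oauth_token_secret=some_secret")
    # Step 3: sign with the consumer pair and the request token pair.
    print(authorization_header("POST", f"{base}/access_token/", ck, cs, rt, rts))
```

Load the consumer and token secrets from a secret store or environment rather than source code, since a permanent token signed this way does not expire.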



© 2020 Bynder All rights reserved.