Authorization

Secured by

OAuth 2.0

Application credentials

Become a Unet user
Enable developer tools
Add an Application to get client_id and client_secret.

+Get Authorization Code

Read specs for Authorization Code Grant

Endpoint

https://app.unet.com/auth

Request

Request structure type is @GetAuthorizationCodeRequest

Response

Response is redirect to the redirect_uri parameter

Examples

Request

https://app.unet.com/auth?response_type=code&client_id=1234567890&redirect_uri=https%3A%2F%2Fmysite.com%2Funet

+Get Access Token

Read specs for Access Token Request/Response

Endpoint

https://app.unet.com/token

Request

Request structure type is @GetAccessTokenRequest

Response

Response structure type is @GetAccessTokenResponse

Examples

Request

https://app.unet.com/token?grant_type=authorization_code&client_id=1234567890&client_secret=1a2b3c4e5d&code=CODE&redirect_uri=https%3A%2F%2Fmysite.com%2Funet

Response

{
    "access_token": "gb98URsdfsdfPyapVQBWNYhs4HA2EAYEScuuuJfB79u",
    "expires_in": "43200",
    "refresh_token": "1lYGndlWNfxYLzQt4eJXWNY4rs4Hh2EAYEScuuub8gocZ",
    "resource_uri": "https://3801130518.unet.com/api/",
    "scope": "user_details messages_read messages_write",
    "token_type": "bearer",
    "user_id": "3801130518"
}

+Refresh Access Token

Read specs for Refreshing an Access Token

Endpoint

https://app.unet.com/token

Request

Request structure type is @RefreshAccessTokenRequest

Response

Response structure type is @GetAccessTokenResponse

Examples

Request

https://app.unet.com/token?grant_type=refresh_token&client_id=1234567890&client_secret=1a2b3c4e5d&refresh_token=tGzv3JOkF0XG5Qx2TlKWIA

Response

{
  "access_token": "gb98URsdfsdfPyapVQBWNYhs4HA2EAYEScuuuJfB79u",
  "expires_in": "43200",
  "refresh_token": "1lYGndlWNfxYLzQt4eJXWNY4rs4Hh2EAYEScuuub8gocZ",
  "resource_uri": "https://3801130518.unet.com/api/",
  "scope": "user_details messages_read messages_write",
  "token_type": "bearer",
  "user_id": "3801130518"
}

+Get Token Properties

Endpoint

https://app.unet.com/token_props

Request

Request structure type is @GetTokenPropertiesRequest

Response

Response structure type is @GetTokenPropertiesResponse

+Authorization Errors

Read specs for Authorization Errors

Response

Response structure type is @AuthError

Example

{
    "error":"invalid_grant",
    "error_description":"Invalid refresh token."
}

Definitions

GetAuthorizationCodeRequest

Name	Description
response_type (r) string	Specify this parameter as `code`.
client_id (r) string	An application identifier. You have the value after registering the application.
redirect_uri (r) string	URI where a native client is redirected after the request.
state (o) string	An opaque value used by the client to maintain state between the request and callback.
scope (o) string	List of space-delimited scopes that need to request during current authorization. If omitted, the scopes is configured for the application are used.

GetAccessTokenRequest

Name	Description
grant_type (r) string	Specify this parameter as `authorization_code`.
client_id (r) string	An application identifier. You have the value after registering the application.
client_secret (r) string	An application secret signature. You have the value after registering the application.
redirect_uri (r) string	URI for client redirect after authorization is complete. Same URI that is used for the authorization step.
code (r) string	A CODE string retrieved as a result of the Authorization request.

GetAccessTokenResponse

Name	Description
access_token string	The access token issued by the authorization server.
expires_in unsigned integer	The lifetime in seconds of the access token.
refresh_token string	The refresh token issued to the client.
scope string	List of space-delimited scopes requested by the client.
token_type string	Possible values: bearer
user_id unsigned integer	Unet user ID
resource_uri string	URI for further actions within the Unet API.

RefreshAccessTokenRequest

Name	Description
grant_type (r) string	Specify this parameter as `refresh_token`.
client_id (r) string	An application identifier. You have the value after registering the application.
client_secret (r) string	An application secret signature. You have the value after registering the application.
refresh_token (r) string	A refresh token was recieved during the Get Access Token request.
scope (o) string	List of space-delimited scopes that need to request during current authorization. If omitted, the scopes is configured for the application are used. MUST NOT exceed scopes provided in authorization step.

AuthError

Name	Description
error string	Possible values: invalid_request invalid_client invalid_grant unauthorized_client unsupported_grant_type invalid_scope
error_description string	Human-readable text providing additional information.

error
string

Possible values:

invalid_request
invalid_client
invalid_grant
unauthorized_client
unsupported_grant_type
invalid_scope

error_description
string

Human-readable text providing additional information.