🔏
API Docs
  • Beam API Docs
  • Overview
    • About Beam
    • API Requirements
    • Roles and Permissions
  • Getting Started
    • Requesting an Account
    • Using RESTful Tools
    • Webhooks
  • The Basics
    • Entities
    • Best Practices
    • Testing Accounts
  • OAuth
    • Overview
    • How to Authorize Access
      • Step 1: Generate Authorization URL
      • Step 2: Handle Authorization Response
      • Step 3: Request an Access Token
      • Step 4: Call API Endpoints
      • Step 5: Refresh the Tokens
  • API Endpoints
    • Overview
    • Get User Devices
    • Toggle Door
    • Invite User (internal)
    • Get Toggle History
    • Get User Info
    • Get User Settings
Powered by GitBook
On this page
  • Beam API Uses OAuth
  • OAuth Flow Overview
  1. OAuth

Overview

PreviousTesting AccountsNextHow to Authorize Access

Last updated 4 years ago

Beam API Uses OAuth

All requests to the Beam service are governed by OAuth 2.0 () and follow the standard authorization-access token flow.

The Beam implementation closely follows .

OAuth Flow Overview

When a user attempts to authorize their Beam account from your application, the following happens:

  1. Your app generates the Authorization URL and displays the Beam login form to the user (see Step 1)

  2. Beam attempts to authenticate the supplied credentials, and if successful, the user is asked to authorize access to their Beam account.

  3. When the user authorizes access, an authorization_code is sent back to your app via a GET request (see Step 2)

  4. Next, your app uses the authorization_code to request an access_token and refresh_token (see Step 3)

  5. Once you have an access_token, you can call the Beam API on the user's behalf (see Step 4)

quick primer
RFC 6749