Twinfield API: how to get accesstoken using postman?

Question

I'm trying to connect to the Twinfield API. I have registered an app in the developer portal, and created a callback URI. My call looks as follows:

https://login.twinfield.com/auth/authentication/connect/authorize?redirect_uri=https://oauth.pstmn.io/v1/callback&response_type=id_token+token&client_id=###&client_secret=#####

Link to twinfield api documentation

However I get the error stating that the client application is not known or is not authorized.

Can someone help me with this problem?

Answer 1

Think you are missing the code, see below the response_type

&response_type=code&scope=openid+twf.user+twf.organisation+twf.organisationUser+offline_access&redirect_uri=https://oauth.pstmn.io/v1/callback&

Once you've run this, you get a code and together with basic64encoding of your client_id:client_secret would profide you an access code.

The whole request should look like:

https://login.twinfield.com/auth/authentication/connect/authorize?client_id={xxxx}&response_type=code&scope=openid+twf.user+twf.organisation+twf.organisationUser+offline_access&redirect_uri=https://oauth.pstmn.io/v1/callback&state=SOME_RANDOM_STATE&nonce=SOME_RANDOM_NONCE

for me to get this working in postman I need to copy the whole link into the browser, login there and then get from the return link the code when you see the page "Your call is authenticated"