User authorization flow

Every time an installed integration opens, SendPulse sends a code to the Login URL you specified when creating your app. To get keys to API calls via your app, you need to send a request with this code and app keys.

An integration opens, and the app user authorization flow starts in two cases:

  • When a user first installs your app and gives permissions;
  • When a user opens your app page in their SendPulse account by clicking View next to your app.

Take a look at what the user authorization flow looks like:

Example of a POST request from SendPulse to send a code:

https://YOUR_INSTALL_URL/?code={code}lang=en

URL request parameters:

сode string The code generated when the user opens your app.

This code is valid for 1 minute.

lang string The user’s SendPulse account language.

To get app user keys, send a POST request to:

https://api.sendpulse.com/market-service/oauth/authorize

Request parameters:

app_id string The app ID that appears in your developer account after you add your app.*
secret string The secret key that appears in your developer account after you add your app.*
code string The code that SendPulse sends to your Login URL.

The code is valid for 1 minute.

*To find your app keys, go to App directory > Created. Next to your app, click the three dots and select Edit. Copy your keys in the App ID and Secret key fields, and save them to your system.

Request example:

{
  "app_id": "9b0f2f98-d75f-4562-887e-2b79bc8a1eee",
  "secret": "0d028163-9c84-40e4-8508-f4927badf735",
  "code": "21efd6b100b2602cb2d75cb06c2bf37f"
}

If your request is successful, the integration will receive your app user keys (client_id and client_secret) using which you can receive your app user token.

Response example if the request is successful:

{
  "result": true,
  "data": {
    "id": "9b0f56dd-4f4d-4792-ae20-23f99659b69e",
    "user_id": 7043663,
    "app_id": "9b0fdd98-d75f-4562-887e-2b79bc8a1eee",
    "client_id": "b2bfd8a8441294fa0171c195ada8cf56",
    "client_secret": "f7064fb0bbecd392d7b3ea2e2bd77758",
    "created_at": "2024-01-10T15:50:20.000000Z",
    "updated_at": "2024-01-10T15:50:20.000000Z"
  }
}

Response parameters:

id uuid The user’s SendPulse account ID.

You can use this ID to add a user to your private app.
client_id string App user key to access API*
client_secret string App user key to access API*
created_at datetime Date and time when the first connection was created.
updated_at datetime Date and time when the last connection was updated.

*We recommend saving the client_id and client_secret parameters to your system so that your app runs in the background. App user keys remain the same when a user uses your app. You can collect and update other parameters to store user data, for example, by their ID.

If your request is unsuccessful, you will receive an error 422 Unprocessable Entity.

Response example if the request is not successful:

{
 "result": false,
 "data": null,
 "error": "Сonnect not found!",
 "code": 5
}

If you received an error, check the data you used, and send the request again.

Last Updated: 16.05.2025

    Rate this article about "User authorization flow"

    User Rating: 5 / 5 (1)

    Next

    User token flow

    Popular in Our Blog

    Try SendPulse today for free