- GET USER CONSENT
- The initial Request URL must be URL encoded, use the GET verb.Example URL https://identity.justgiving.com/connect/authorize?client_id=12345678&response_type=code&scope=openid profile email fundraise&redirect_uri=https://yourapplication.com/yourcallback&state=/Home/CallApi&nonce=ba3c9a58dff94a86aa633e71e6afc4e3 The URL has the following parameters:
- https://identity.local.justgiving.com/connect/authorize?
- client_id={yourApplicationId}
- response_type=code
- scope=openid profile email fundraise
-
The scope parameter is a space delimited list of the data the Third Party would like to read. The minimal scopes you must request are "openid" and "profile". OAuth authorisation cannot continue without these. Other possible scopes are
fundraise
Create, modify and view fundraising pages and team pages on your behalf
account
Create, modify and view your JustGiving user account
rate
View and modify rated content
social
View information about people you know
-
- redirect_uri=https://\{yourapplication.com}/{yourcallback} This is the "callback" location on the Third-party Application. The part of the Third-party Application that contains the logic to use the "code" returned from the Resource Server and use that to request a token from the Resource Server
- state={YourStateLocation} You can use state to allow your application to pick up where it left off, before the redirect to The Resource Server
- nonce={GUIDyouGenerate} This is a one off randomly generated value to prevent the request from getting modified. A GUID is best as it ensures uniqueness.
- https://identity.local.justgiving.com/connect/authorize?
- The initial Request URL must be URL encoded, use the GET verb.Example URL https://identity.justgiving.com/connect/authorize?client_id=12345678&response_type=code&scope=openid profile email fundraise&redirect_uri=https://yourapplication.com/yourcallback&state=/Home/CallApi&nonce=ba3c9a58dff94a86aa633e71e6afc4e3 The URL has the following parameters:
- The logo and your application name displayed on the Authorisation Page are specified when you register your application and create your applicationId at https://apimanagement.justgiving.com/admin/applications
- No extra information required
- Store the querystring parameter "code" as it will be used in the next call to the Resource Server
- Create a request with the following parameters
POST: /connect/token?code={codeFromResourceServer}&grant_type=authorization_code&redirect_uri={yourCallback}
HOST: https://identity.justgiving.com
Authorization: Basic {yourBase64EncodedCredentials}
-
- NOTE: To generate { yourBase64EncodedCredentials } navigate to http://api.justgiving.com/docs/usage#credsTo64Username in the "login email" enter your applicationId and in the "password" field enter your secret key, then click on "Generate basic auth header"
- NOTE: To generate { yourBase64EncodedCredentials } navigate to http://api.justgiving.com/docs/usage#credsTo64Username in the "login email" enter your applicationId and in the "password" field enter your secret key, then click on "Generate basic auth header"
- The response will contain JSON formatted token data
{
"access_token" : "ab49.HAUS6ZxXz",
"token_type" : "Bearer",
"expires_in" : 3600
}