Authorization

Get access token for calling iZone Cloud API.

iZone Cloud API uses OAuth access token to authorize user access.

Get authorization code

At some stage, you have to send user to iZone worldwide login service with your developer key and parameters.

Authorization Endpoint: https://worldwide.izone.com.au/login

The request uses GET method, with parameters:

Query Parameter
client_id Your developer key
scope Use query-control
state A value you can used to track the session in redirect callback
response_type Use code for authorization code
redirect_uri Encoded URL matching for your developer account

The login service asks the user to authorize your integration to use their iZone system. The user authenticates with login their worldwide account. iZone sends an authorization code back to your integration.

Get access token

Once you get an authorization code, use it to get an access token and refresh token.

Token Endpoint: https://worldwide.izone.com.au/token

The request uses POST method, with parameters:

Query Parameter
client_id Your developer key
grant_type Use authorization_code
code The authorization code received previously

If request format and parameters are all good, the response would be HTTP 200 OK, with payload like this:

{
  "access_token": "c3cda13u-393a-c832-112-946106e5bbab",
  "token_type": "Bearer",
  "expires_in": 3600,
  "refresh_token": "c3cda13u-393a-c832-112-946106e5bbab",
  "scope": "query-control"
}

Use Access Token

The access token is required in every iZone Cloud API call. According to different types of iZone Cloud APIs:

  • HTTPS API
    • Use “Bearer” authentication in headers. Authorization: Bearer access-token
  • gRPC API
    • Use “accessToken” in gPRC proto.