Authorization
iZone Cloud API uses OAuth access token to authorize user access.
Get authorization code
At some stage, you have to send user to iZone worldwide login service with your developer key and parameters.
Authorization Endpoint: https://worldwide.izone.com.au/login
The request uses GET method, with parameters:
| Query Parameter | |
|---|---|
| client_id | Your developer key |
| scope | Use query-control |
| state | A value you can used to track the session in redirect callback |
| response_type | Use code for authorization code |
| redirect_uri | Encoded URL matching for your developer account |
The login service asks the user to authorize your integration to use their iZone system. The user authenticates with login their worldwide account. iZone sends an authorization code back to your integration.
Get access token
Once you get an authorization code, use it to get an access token and refresh token.
Token Endpoint: https://worldwide.izone.com.au/token
The request uses POST method, with parameters:
| Query Parameter | |
|---|---|
| client_id | Your developer key |
| grant_type | Use authorization_code |
| code | The authorization code received previously |
If request format and parameters are all good, the response would be HTTP 200 OK, with payload like this:
{
"access_token": "c3cda13u-393a-c832-112-946106e5bbab",
"token_type": "Bearer",
"expires_in": 3600,
"refresh_token": "c3cda13u-393a-c832-112-946106e5bbab",
"scope": "query-control"
}
Use Access Token
The access token is required in every iZone Cloud API call. According to different types of iZone Cloud APIs:
- HTTPS API
- Use “Bearer” authentication in headers.
Authorization: Bearer access-token
- Use “Bearer” authentication in headers.
- gRPC API
- Use “accessToken” in gPRC proto.