API Reference
Start typing to search…

Overview

What is OAuth?

OAuth 2.0 is an industry-standard authorization protocol that allows applications to securely access protected resources without exposing user credentials. In the Hostex API, OAuth is primarily designed for Software Partners, enabling their applications to perform API operations on behalf of users.


Who Should Use OAuth?

Hostex API supports two authentication methods:

  1. Regular API Users: Most developers integrating with Hostex API can use a simple Access Token for authentication, without requiring OAuth.
  2. Software Partners: If you are building a SaaS platform, third-party tool, or need to perform actions on behalf of Hostex users, OAuth authentication is required.

🚧

Most users do not need OAuth authentication. If you only need API access for your own account, using an Simple Access Token created on the Hostex website is recommended.


How OAuth Works

The OAuth authentication process involves several steps to ensure secure access control:

  1. Apply for Access: Software Partners must request OAuth access by contacting Hostex Support and completing the approval process.
  2. Receive Credentials: Upon approval, Hostex will provide a Client ID and Client Secret.
  3. Authorize Users: The application guides users through an authorization flow to grant API access.
  4. Obtain Access Token: The application exchanges an authorization code or refresh token for an Access Token, which is used for API requests.
  5. Make API Calls: Use the Access Token to interact with Hostex API endpoints.
  6. Manage Tokens: Refresh or revoke tokens as needed to maintain security.

Enabling Host disconnection

If a Host decides to stop using your application, you must fully disconnect them from your application.

To disconnect a Host, you can provide them with a disconnection button within your application. Alternatively, Hosts can disconnect from your application directly within their account settings on the Hostex website .


API Endpoints Overview

Hostex OAuth API includes the following key endpoints:

1. Obtain/Refresh Access Tokens

Endpoint: /oauth/authorizations
Description: Used to obtain a new access token using OAuth 2.0 grant types or refresh an existing token.

2. Delete/Revoke Tokens

Endpoint: /oauth/revoke
Description: Allows clients to revoke an access or refresh token, disconnecting the application from Hostex.

Updated 10 days ago

Did this page help you?

Updated 10 days ago

Did this page help you?