Skip to content

oauth2.md

Latest commit

 

History

History
50 lines (33 loc) · 3.16 KB

oauth2.md

File metadata and controls

50 lines (33 loc) · 3.16 KB

OAuth2

BugSplat supports authenticating via OAuth 2.0 in addition to the username/password authentication described in our API documentation. Currently, only the OAuth2 client credentials flow is supported. If you are interested in exploring other OAuth 2.0 authentication methods, please contact support@bugsplat.com.

A reference client implementation can be found in our @bugsplat/js-api-client repo.

Client Credentials

To authenticate via OAuth2 client credentials, you will need to create a Client ID and Client Secret pair on the OAuth Integrations page. When prompted, enter an application name and choose a desired scope.

BugSplat scopes are hierarchical (not composable), and the available choices are either symbols or restricted. The only operation allowed by the symbols scope is symbol upload. The restricted scope provides read-only access to the Charting, Crash, Crashes, Summary, Versions, and Key Crash APIs

Adding a New Application

Adding a New Application

Copy the Client ID and Client Secret to a secure location. Once you've dismissed the dialog, the Client Secret will not be displayed again.

Authorize

The Client ID and Client Secret are used in a POST to the server and will return access_token and a token_type. The Authorize endpoint is described below.

Headers

Once an access_token and token_type have been acquired, they can be used in any of the API requests outlined in our API docs. To make an authenticated request to one of BugSplat's API endpoints, add a header with a key of Authorization and a value of ${token_type} ${access_token}.

Authorize

POST https://app.bugsplat.com/oauth2/authorize

Exchange a Client Id and Client Secret for a bearer token.

Request Body

Name Type Description
scope string OAuth2 scope, supported options include symbols, and restricted.
client_secret string The Client Secret created above
client_id string The Client Id created above
grant_type string

OAuth2 grant type, in this case,

client_credentials

{% tabs %} {% tab title="200 " %}

{
  "token_type": "Bearer",
  "expires_in": 3600,
  "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9[...]"
}

{% endtab %} {% endtabs %}