- API User Access Token: Required to interact with OAuth APIs. This token authenticates your application as a trusted client.
- Resource Owner Access Token: Used to authenticate requests to Open APIs. This token represents the user’s consent and is obtained through the OAuth flow.
Acquiring API User Access Token
To use Quicko’s OAuth APIs, you need an API User Access Token:1
Authentication Endpoint
Call the
/authenticate endpoint with your API credentials (key and secret).2
Environment-Specific Credentials
Test Environment
Use credentials starting with
key_test_... and secret_test_....Production Environment
Use credentials starting with
key_live_... and secret_live_... for both key and secret.Best Practices for Security
Keep Credentials Secure
Keep Credentials Secure
Store your API keys and secrets securely and never expose them in public repositories or client-side code.
Use HTTPS
Use HTTPS
Ensure all API requests are made over HTTPS to protect data in transit.
Handle Errors Gracefully
Handle Errors Gracefully
Implement error handling for authentication failures and other API errors.
Acquiring Resource Owner's Access Token
You can read about the OAuth workflow, which details the process to acquire this token.