After the user authorizes your account, Middesk will generate an authorization code and the user will be redirected to the redirect_uri with a code attached. The link's url looks like:

https://{CLIENT_REDIRECT_URI}?code=3ab749af10063161aa49c8e8

You will make a POST request to https://api.middesk.com/oauth/token using the code parameter returned to obtain your first access token. The client_id, client_secret, and redirect_uri are used to identify your OAuth client.

Request Parameters

Parameters

Description

grant_type

The only option is authorization_code

code

An authorization code you can use in the next call to get an access token for your user. This code can only be used once.

client_id

The unique identifier provided to your OAuth client. Located on the credentials page.

client_secret

The secret tied to your OAuth Client. Located on the credentials page.

redirect_uri

The URL that a user is redirected to upon authorizing your account.

curl --request POST \
  --url https://api.middesk.com/oauth/token \
  --header 'content-type: application/x-www-form-urlencoded' \
  --data grant_type=authorization_code \
  --data code=1a5e25e6c2317a8cafdfb338 \
  --data client_id=0c2d0900-7a12-0139-47d9-342e993324d0 \
  --data client_secret=25724000a7c9ecbf9d9a145d12ab219ecf9c8296d85ebf0a03ac6235e3acce5b \
  --data redirect_uri=https://example.redirect.com

Upon successful authentication, you will receive a response with the access_token and corresponding Middesk account_id

{
  "access_token": "08ea6a9ec1d4097f6c569499",
  "token_type": "bearer",
  "account_id": "42402379-1c64-4118-b54c-4a4da0e0a86e"
}