Obtaining an OAuth Access Token

After the user authorizes your account, Middesk will generate an authorization code and the user will be redirected to the redirect_uri with a code attached. The link's url looks like:


You will make a POST request to https://api.middesk.com/oauth/token using the code parameter returned to obtain your first access token. The client_id, client_secret, and redirect_uri are used to identify your OAuth client.

Request Parameters

grant_typeThe only option is authorization_code
codeAn authorization code you can use in the next call to get an access token for your user. This code can only be used once.
client_idThe unique identifier provided to your OAuth client. Located on the credentials page.
client_secretThe secret tied to your OAuth Client. Located on the credentials page.
redirect_uriThe URL that a user is redirected to upon authorizing your account.
curl --request POST \
  --url https://api.middesk.com/oauth/token \
  --header 'content-type: application/x-www-form-urlencoded' \
  --data grant_type=authorization_code \
  --data code=1a5e25e6c2317a8cafdfb338 \
  --data client_id=0c2d0900-7a12-0139-47d9-342e993324d0 \
  --data client_secret=25724000a7c9ecbf9d9a145d12ab219ecf9c8296d85ebf0a03ac6235e3acce5b \
  --data redirect_uri=https://example.redirect.com

Upon successful authentication, you will receive a response with the access_token and corresponding Middesk account_id

  "access_token": "08ea6a9ec1d4097f6c569499",
  "token_type": "bearer",
  "account_id": "42402379-1c64-4118-b54c-4a4da0e0a86e"