We use OAuth 2.0 to authenticate and authorize access to our API. This documentation will guide you through the authentication process.
For authentication, we use the OAuth 2.0 protocol. OAuth 2.0 is a widely used protocol for securing APIs and allowing authorized access to protected resources. We provide OAuth 2.0 endpoints to authenticate and authorize access to our API. Additionally, users have the option to authenticate using Personal Access Tokens, offering a straightforward way to interact with our services programmatically.
Before you begin the authentication process, you should be aware of the two main endpoints used:
Authorize Endpoint:
https://cloud.volttime.com/oauth/authorize
Token Endpoint:
https://cloud.volttime.com/oauth/token
To connect to the Volt Time Cloud and access its API, follow these steps:
User Initiation: When a user initiates the connection process, redirect them to our ‘Authorize’ endpoint, where they will be prompted to log in and grant your application access.
client_id
: Your application’s client ID.redirect_uri
: The URL to which the user will be redirected after authorization. This should be a URL within your application.response_type
: Set to “code” to request an authorization code.scope
: Define the specific permissions you require for accessing resources.User Authorization: The user will be prompted to log in and approve the requested permissions.
Authorization Code: Upon approval, the user will be redirected to the redirect_uri
, and an authorization code will be included in the URL as a query parameter.
redirect_uri
matches the one you have supplied to us.After receiving the authorization code, you need to exchange it for an access token by making a POST request to our ‘Token’ endpoint.
client_id
: Your application’s client ID.client_secret
: Your application’s client secret.grant_type
: Set to “authorization_code.”code
: The authorization code received in the previous step.redirect_uri
: The same redirect URI used in the authorization request.Once you obtain an access token, you can use it to make API requests on behalf of the user. Include the access token in the Authorization
header of your API requests.
In addition to OAuth 2.0, we also offer the option for users to authenticate and access our API using personal access tokens. Personal access tokens provide a straightforward way for users to interact with our services programmatically without the need for a full OAuth 2.0 authorization flow.
To create a personal access token, follow these steps:
Navigate to your profile in the top-right corner of the Volt Time Cloud.
Select the “Personal Access Tokens” option.
Click on the “Create Token” button.
Provide a name for your token.
Specify the required scopes or permissions for the token.
Click “Submit” to create your personal access token.
Once you have generated a personal access token, you can use it to authenticate your API requests. Include the token in the Authorization
header of your HTTP requests as follows:
Replace YOUR_PERSONAL_ACCESS_TOKEN
with the actual token you generated. This token will authenticate your requests and provide the necessary permissions as configured during token creation.
If you ever need to revoke or regenerate a personal access token, you can do so from the “Personal Access Tokens” section in your profile settings.