state–(optional) contains the original value for the state parameter that was passed at the beginning of the authorization.You will be able to use thisĪccess Token to access the user’s account on their behalf.
#Harvest app call code
code–an authorization code that you will have to exchange for a set of Refresh and Access Tokens.redirect_uri–(optional) the default Redirect URL can be further customized here if needed, but needs to start with the RedirectĪfter a successful authorization, the user will be redirected back to the Redirect URL you specified when registering your OAuth2Īpplication, or the redirect_uri you provided.state–(optional) used to pass any value that will get sent back to you when redirecting back to your application.This URL allows the user to authenticate on Harvest ID and lets them authorize access to their account(s) depending on your OAuth2 Application settings and their choice. To start the authorization flow, you need to redirect the user to the following URL: OAuth2 Authorization Flow For Server Side Applications Products–scope of access requested can be either Harvest, Forecast or both.Multi Account–does your integration support multiple user account access or work with only one authenticated account.Redirect URL–the URL in your integration successful authentications will be redirected to by default.Of Harvest ID, and you will be required to provide some information:
The application can be created from the Developers section If you are interested in building integrations that other users can use, you will need to register an OAuth2 Application, also Query String Authentication Example curl -H "User-Agent: MyApp \ " $ACCESS_TOKEN &account_id= $ACCOUNT_ID " OAuth2 Application Header Authentication Example curl -H "Authorization: Bearer $ACCESS_TOKEN " \ -H "Harvest-Account-Id: $ACCOUNT_ID " \ -H "User-Agent: MyApp \ Each request will require your account ID as well, since you can use this Personal Access Token to access any of your Harvest or Forecast accounts. Once generated, a Personal Access Token can be used to access the API by either providing the token in the Authorization header or including it in the query string. Within the Developers section you’ll see a list of all your Personal Access Tokens, when they were last used, and you’ll be able to easily revoke them if necessary. Personal Access Tokens replace the Basic Authentication method that was used in our v1 API, as this is more secure. Would otherwise take a long time when done manually. Typical use casesįor Personal Access Tokens are scripts that build custom reports, sync data between different accounts, or automate tasks that Personal Access Tokens are the preferred method when you want to write your own scripts that consume our API.
After creating it you’ll be provided with a random token and a list of your account IDs. The API can be accessed by creating a Personal Access Token from the Developers