If you’re building an integration with Sunshine Conversations, and want to be able to send or receive messages on behalf of a Sunshine Conversations app owner, you need some way to gain access to their app.
Rather than asking customers to provide you with an API key and secret with full access to their app, you can use OAuth to allow administrators to authorize you to make certain API calls to their Sunshine Conversations app.
Below, we’ll lead you through the process of implementing an OAuth flow.
You can provide the app owner with a button to kick off the OAuth flow. The button should point at https://app.smooch.io/oauth/authorize?client_id=[CLIENT_ID]&response_type=code
. For more options and details see the API reference. Your [CLIENT_ID]
is provided to you after the Request OAuth credentials for your bot step of your Zendesk Markeplace bot listing has been submitted and processed.
The user will now be directed to a Sunshine Conversations UI where they can login and authorize the OAuth connection.
Once the user authorizes your integration they will be redirected to the redirect URL you provided to Sunshine Conversations. Included in that redirect is a URL parameter called code
which contains an authorization code you can exchange for an OAuthToken.
You can now call the /token endpoint with the code you received from the redirect as well as the client_id
and client_secret
provided to you after the Request OAuth credentials for your bot step of your Zendesk Markeplace bot listing has been submitted and processed.
The access token you receive as a response can now be used like an app scoped token to send and receive messages, manage users and create Webhooks.
The first step in becoming a Technology Partner is to implement Sunshine Conversations OAuth, as described above, and then list your app, integration, or bot on the Zendesk Marketplace. See Publishing your bot on the Zendesk Marketplace for more information on the steps required to get your listing published on the Zendesk Marketplace.
As part of the OAuth credential-request process, you’ll need to provide Sunshine Conversations with a redirect URL that Sunshine Conversations can redirect the app owner to once they authorize your app, integration, or bot. Once processed, you will be provided with a client ID and secret, to be used as described below.