If you’re building an integration with Sunshine Conversations, and want to be able to send or receive messages on behalf of a Sunshine Conversations app owner, you need some way to gain access to their app.
Rather then asking the app owner to provide you with an API key for the app, you can use OAuth to allow the app owner to authorize you to make API calls to their Sunshine Conversations app.
Below, we’ll lead you through the process of implementing an OAuth flow with Sunshine Conversations, so that Sunshine Conversations app owners can authorize you to make API calls on behalf of their app.
You’ll need to become a partner in order to implement OAuth with Sunshine Conversations. See this guide for more information on becoming a partner.
Once you become a partner, you’ll be provided with a client ID and secret. You’ll also need to provide Sunshine Conversations with a redirect URL that Sunshine Conversations can redirect the app owner to once they authorize your integration.
You can provide the app owner with a button to kick off the OAuth flow. The button should point at
https://app.smooch.io/oauth/authorize?client_id=[CLIENT ID]&response_type=code. CLIENT ID being the ID that Sunshine Conversations provided you with during your partnership application. For more options and details see the API reference.
The user will now be directed to a Sunshine Conversations UI where they can login and authorize the OAuth connection.
Once the user authorizes your integration they will be redirected to the redirect URL you provided to Sunshine Conversations. Included in that redirect is a URL parameter called
code which contains an authorization code you can exchange for an OAuthToken.
You can now call the /token endpoint with the code you received from the redirect and the client ID and secret you received when you applied for partnership.
The access token you receive as a response can now be used like an app scoped token to send and receive messages, manage users and create Webhooks.