POST
/
oauth
/
authorize
curl https://api.thanxsandbox.com/oauth/authorize \
  -X POST \
  -H "Content-Type: application/json" \
  -d '{
    "client_id": "f4bf04a6fc27b5fa926a7318933b76440642c25cde037d8e867b3d18d771ad86",
    "redirect_uri": "https://www.example.com/oauth/callback",
    "response_type": "code",
    "scope": "passwordless",
    "username": "john.smith@example.com"
  }'

""

Calling this endpoint will send a passwordless email to the email address specified as the username. The response to this request will be a 200 and an empty response body. The passwordless email will contain a link to log in which will redirect the user to the specified redirect_uri with the authorization code included in the query params (?code=...).

The redirect_uri must be whitelisted for your integration by our developer support team. If you need a URL added or changed, feel free to write to developer.support@thanx.com.

Note that abitrary data can be passed through this authentication process by using custom query parameters. For example, for the whitelisted redirect_uri of https://www.example.com/oauth/callback, query parameters can be appended to the URL and will be passed through the entire auth process. As an example, https://www.example.com/oauth/callback?table=1 as the input redirect_uri to the API request would preserve table=1. Note that the code value is a reserved parameter that should not be used, as that will conflict with the access code that will be appended to the redirect_uri.

If an account does not exist for the specified email, a 401 error will be returned. To create an account, the POST /users endpoint should be used.

Request

client_id
string
required

OAuth Client ID

redirect_uri
string
required

Where you want the user to be redirected

response_type
string
required

code is the required value

scope
string
required

passwordless is the required value

username
string
required

The user’s email

Legal RequirementsAcquire Access Token