OAuth URLs

1.Authorize

GET: https://trainerday.com/oauth/authorize
Supported scopes: calendar:read calendar:write calendar:delete workout:read workout:write workout:delete athlete:read athlete:write

Params:

• client_id– The client ID making the request
• redirect_uri – The URL which to redirect back to.
• response_type – Must be set to “code”
• scope – Space delimited scope

This endpoint is mostly used by the client to request an Authorization code that can then be exchanged for an access token.

2.Gaining an Access Token

POST: https://trainerday.com/oauth/token

Body:

• grant_type– Must be “authorization_code”
• code – The code returned from the authorization server
• client_id – Your client id
• client_secret – Your client secret
• redirect_uri – URL to redirect the user back to

Once you have the authorization code, you must make another request to obtain an access token. The authorization code is only valid for approximately 30 seconds.

3.Refresh Token

POST: https://trainerday.com/oauth/token

Body:

• grant_type– Must be “refresh_token”
• refresh_token – A Valid Refresh Token
• client_id – Your client id
• client_secret – Your client secret

Refresh tokens are used as a way to gain a new access token after the original access token has expired.

4.Destroy Token

POST: https://trainerday.com/oauth/revoke

Body:

• token– Your access token

This endpoint is used to destroy an access token