OAuth URLs
1.Authorize
GET: https://trainerday.com/oauth/authorize
Supported scopes: calendar:read calendar:write calendar:delete workout:read workout:write workout:delete athlete:read athlete:write
Params:
- client_id– The client ID making the request
- redirect_uri – The URL which to redirect back to.
- response_type – Must be set to “code”
- scope – Space delimited scope
This endpoint is mostly used by the client to request an Authorization code that can then be exchanged for an access token.
2.Gaining an Access Token
POST: https://trainerday.com/oauth/token
Body:
- grant_type– Must be “authorization_code”
- code – The code returned from the authorization server
- client_id – Your client id
- client_secret – Your client secret
- redirect_uri – URL to redirect the user back to
Once you have the authorization code, you must make another request to obtain an access token. The authorization code is only valid for approximately 30 seconds.
3.Refresh Token
POST: https://trainerday.com/oauth/token
Body:
- grant_type– Must be “refresh_token”
- refresh_token – A Valid Refresh Token
- client_id – Your client id
- client_secret – Your client secret
Refresh tokens are used as a way to gain a new access token after the original access token has expired.
4.Destroy Token
POST: https://trainerday.com/oauth/revoke
Body:
This endpoint is used to destroy an access token