OAuth 2.0

To request access to information via the Kapta API on behalf of a user, do the following for your application (NOTE: If your company uses the EU Login, modify the example URLs to include eu: https://apieu.kaptasystems.com):

  1. Obtain an API Key and API Secret for your application. For more information on this step, see the API Applications documentation.
  2. Redirect the user to the API authorization page:

    GET

    https://api.kaptasystems.com/auth/login/authorize?client_id=APIKEY&redirect_uri=REDIRECTURI&scope=SCOPE&state=STATE

    Parameter Name | Description | Type | More Information
    client_id | The API Key from the API Application Details page. | string | Required.
    redirect_uri | The application Redirect URI specified while creating an API Application. | string | Required.
    scope | The level of access needed by the application. | string | The available options are: self, manager, or administrator. The manager scope includes self access. The administrator scope includes manager and self access. If the user does not have the level of access requested or the scope is not specified, the scope will default to self.
    state | A unique string value that is difficult to guess. This protects against cross-site request forgery. | string | Required.
  3. If the user grants your application access, the API authorization page redirects to the specified Redirect URI with a code and the provided state. Please ensure that the state matches the state sent in the previous step before continuing.

    Kapta Redirect

    REDIRECTURI?code=CODE&state=STATE
  4. Use the provided code to obtain an access token:

    POST

    https://api.kaptasystems.com/auth/login/accesstoken

    client_id=APIKEY&client_secret=APISECRET&code=CODE&redirect_uri=REDIRECTURI

    Parameter Name | Description | Type | More Information
    client_id | The API Key from the API Application Details page. | string | Required.
    client_secret | The API Secret from the API Application Details page. | string | Required.
    code | The code provided during the redirect. | string | Required.
    redirect_uri | The application Redirect URI specified while creating an API Application. | string | Required.
  5. If the request was successful, it will return JSON containing an access_token. Use this token to authorize API calls by placing it in the Authorization header of each request:

    Authorization Header

    Authorization: token TOKENPROVIDED

    cURL

    curl -H "Authorization: token TOKENPROVIDED" https://api.kaptasystems.com/v1/person/objectives
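
Steps 2 to 5 as an added Python example (not Kapta's own code), showing how the state value is generated, stored and checked before the code is exchanged. The function names are hypothetical, and sending the token parameters as a form-encoded POST body is an assumption, since this page does not state the encoding.

```python
import hmac
import secrets
import urllib.parse
import urllib.request

AUTH_BASE = "https://api.kaptasystems.com/auth/login"  # host from this page

def begin_authorization(client_id, redirect_uri, scope="self"):
    """Step 2: return (url, state). Keep state in the user's server-side session."""
    state = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG, one per login attempt
    query = urllib.parse.urlencode({
        "client_id": client_id, "redirect_uri": redirect_uri,
        "scope": scope, "state": state})
    return f"{AUTH_BASE}/authorize?{query}", state

def code_from_callback(callback_url, expected_state):
    """Step 3: return the code only if the state matches the one we issued."""
    params = urllib.parse.parse_qs(urllib.parse.urlsplit(callback_url).query)
    states, codes = params.get("state", []), params.get("code", [])
    # Exactly one of each: missing or duplicated parameters are rejected.
    if len(states) != 1 or len(codes) != 1:
        raise ValueError("callback must carry exactly one code and one state")
    # Constant-time comparison; an empty stored state never matches.
    if not expected_state or not hmac.compare_digest(
            states[0].encode(), expected_state.encode()):
        raise ValueError("state mismatch: discard the code")
    return codes[0]

def token_request(client_id, client_secret, code, redirect_uri):
    """Step 4: build (not send) the POST. Assumption: form-encoded body,
    so the API Secret stays out of URLs and access logs."""
    body = urllib.parse.urlencode({
        "client_id": client_id, "client_secret": client_secret,
        "code": code, "redirect_uri": redirect_uri}).encode()
    return urllib.request.Request(f"{AUTH_BASE}/accesstoken", data=body, method="POST")

def auth_header(access_token):
    """Step 5: Authorization header in the form this page shows."""
    return {"Authorization": f"token {access_token}"}

if __name__ == "__main__":
    # Constructed values for illustration only.
    url, state = begin_authorization("APIKEY", "https://app.example/callback")
    print(url)
    callback = f"https://app.example/callback?code=CODE&state={state}"
    print(code_from_callback(callback, state))
```

Pass the result of token_request to urllib.request.urlopen to perform the exchange, and delete the stored state once a callback has been processed so it cannot be reused.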

To view all resources that are available, return to the Help Page Home.