Create your OAuth Apps

Create more integrations for your Bynder brand portal using the new OAuth 2.0 setup, which provides authorized access to the Bynder API. This setup lets you create account-specific integrations to leverage Bynder throughout your brand ecosystem.

How to enable this feature?

Contact your Customer Success Manager if this feature is not enabled for your portal. Your Customer Success Manager is happy to assist you in setting this up.

How to create a new OAuth App?

The client for the OAuth App can be created as follows:

  1. Go to Settings > Advanced Settings > Portal settings and click OAuth Apps.

  2. Click Register new application to create your first OAuth App.

  3. Configure your OAuth App.

  4. Click Register application to retrieve a Client ID and Client Secret for your OAuth application.

    Note

    The Client Secret is shown only once. If it is lost, it needs to be regenerated. If you regenerate it, your existing operations with the previous Client Secret will no longer work.

    In addition, users who can manage OAuth Apps can revoke all refresh tokens for an OAuth App and, if needed, delete the application once and for all, which permanently deletes the application's associated refresh tokens.

How to modify an existing OAuth App?

All OAuth App specifications can be changed except for the OAuth scopes. Therefore, we recommend creating a new application when you want to modify the OAuth scopes.

  1. Go to Settings > Advanced Settings > Portal settings and click OAuth Apps.

  2. Click OAuth Apps.

  3. Click the settings menu icon of the application you want to modify.

  4. Modify your OAuth App information.

  5. Click Update application to save your changes.

How to revoke refresh tokens?

  1. Go to Settings > Advanced Settings > Portal settings and click OAuth Apps.

  2. Click OAuth Apps.

  3. Click the settings menu icon of the application you want to revoke the refresh tokens for.

  4. Click Revoke refresh tokens. A popup will open.

  5. Read the warning message and click Revoke all refresh tokens if you want to revoke the refresh tokens.

    Note

    This action cannot be undone.

How to delete an application?

  1. Go to Settings > Advanced Settings > Portal settings and click OAuth Apps.

  2. Click OAuth Apps.

  3. Click the settings menu icon of the application you want to delete.

  4. Click Delete application. A popup will open.

  5. Read the warning message and click Delete if you want to delete the application.

Note

This will permanently delete the application and revoke all associated refresh tokens. This action cannot be undone.

What Grant Type to Choose?

Grant types are part of the OAuth 2.0 specification. They are essentially different methods of acquiring the access token needed to authorize API calls.

We currently offer the following grant types: 

  • Authorization Code + Refresh Token

    The authorization code grant will allow you to access Bynder on a user’s behalf. The application redirects the user to the authorization page where the user will be required to log in and approve the authorization request. If approved, Bynder will redirect the user back to the application with an authorization code. The application can then exchange this code for an access token.

    A refresh token can be obtained by specifying the offline scope in the authorization request. This token will not expire and allows the application to request new access tokens without user interaction.

  • Client Credentials

    The client credentials grant allows applications to obtain access tokens solely using the client ID and client secret, without any user interaction. In the case of Bynder, the issued access tokens will still be linked to the configured assigned user.

    This grant is the most comparable to the OAuth 1.0a API tokens and is useful for machine-to-machine interaction.

    For a more detailed explanation on the endpoints please see our API documentation.
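The requests behind these grant types, as an added example (not Bynder's code or SDK): it builds the authorization URL with the offline scope, checks the callback's state before accepting the code, and builds the token request fields for each grant. The endpoint URL, redirect URI, environment variable names and the `asset:read` scope are placeholder assumptions; the parameter names are the standard RFC 6749 ones, and the real endpoint paths are in the API documentation.

```python
import hmac
import os
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

# Placeholder values (assumptions); real endpoint paths are in the API documentation.
AUTH_URL = "https://portal.example.com/oauth2/auth"
REDIRECT_URI = "https://app.example.com/callback"
# The Client Secret is shown only once: load it from the environment, not from source.
CLIENT_ID = os.environ.get("OAUTH_CLIENT_ID", "constructed-client-id")
CLIENT_SECRET = os.environ.get("OAUTH_CLIENT_SECRET", "constructed-secret")


def new_state():
    """Unguessable per-login value; store it in the user's session."""
    return secrets.token_urlsafe(32)


def build_authorization_url(scopes, state):
    """URL the user is redirected to in order to log in and approve the request."""
    query = urlencode({
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "scope": " ".join(scopes),  # include "offline" to obtain a refresh token
        "state": state,
    })
    return f"{AUTH_URL}?{query}"


def code_from_callback(callback_url, expected_state):
    """Return the authorization code only if the callback belongs to this session."""
    params = parse_qs(urlsplit(callback_url).query)
    state = params.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback is not tied to this session")
    if "error" in params:
        raise ValueError(f"authorization failed: {params['error'][0]}")
    if not params.get("code"):
        raise ValueError("callback carries no authorization code")
    return params["code"][0]


def token_request_body(grant_type, **extra):
    """Form fields to POST over TLS to the token endpoint (never via a browser)."""
    # Assumption: credentials sent as form fields; RFC 6749 also allows HTTP Basic.
    body = {"grant_type": grant_type, "client_id": CLIENT_ID,
            "client_secret": CLIENT_SECRET}
    body.update(extra)
    return body
```

`token_request_body("authorization_code", code=code, redirect_uri=REDIRECT_URI)` is the code exchange, `token_request_body("refresh_token", refresh_token=stored_token)` the background refresh, and `token_request_body("client_credentials")` the machine-to-machine grant.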

FAQ

What does this mean for my existing integrations or scripts calling the Bynder API?

OAuth 2.0 works in parallel with OAuth 1.0a. They can coexist, but we want to promote the use of OAuth 2.0 (OAuth Apps) as much as possible, since it is the newest implementation for providing authorized access to the Bynder API and will be continuously improved.

What are the main benefits of OAuth 2.0?

Bynder’s OAuth 2.0 scopes implementation for OAuth Apps provides full transparency to the user regarding what the application can request on the user’s behalf. In addition, access tokens can now be refreshed, which means users no longer need to re-authenticate every 30 days. Instead, access tokens can be refreshed in the background using the refresh token generated by the OAuth 2.0 service.

How to migrate my integrations from OAuth1 to OAuth 2.0?

Customers can easily upgrade to OAuth 2.0 by using our Bynder SDKs. The new endpoints and the refresh mechanisms have been fully implemented in all our SDKs and, therefore, allow a fast upgrade for your integrations.

If you have questions, feel free to reach out to our Support Team.

How can I update my OAuth App over time?

All OAuth App specs can be changed except for OAuth scopes. Updating the OAuth scopes of an existing application is not implemented at this point in time. Therefore, we recommend creating a new application.