Authentication

The Service Account is used to authenticate to PowerChord's OAuth service.

Service Account Setup

Create New Command Center User (Service Account)

To connect and use PowerChord services, you need to create a new user account (Service Account) to represent the service you will be connecting from.

This account will represent the user (service account) that will be authorized against PowerChord services and will be the account used for audit tracking. All actions will be scoped to this account.

The following steps outline how to create a new service account.

  1. Log into Command Center (Click here for EU version)
  2. Navigate to the Users page and create a new user (service account) by clicking Add.
  3. Add a descriptive Name and the email address that will be used for the service account.
  4. Give the service account access to the Organization(s) it needs. Under Memberships, click Add Memberships.
  5. Search and select the Organization the service account will access.
  6. Select a Role for the service account.
  7. Now click Create and the service account email address will receive an email to create a password.
  8. The email and password for the service account will be used to request a temporary JWT token and create a new OAuth client.

Request Temporary JWT Token

Use the email/password for the newly created service account to request a temporary JWT token for that account.

The temporary JWT token is used to create an OAuth Client.

Request

US Endpoint

curl -X POST \
  -H 'Content-Type: application/json' \
  -d '{"email": "< email@address >", "password": "< password >"}' \
  https://api.powerchord.com/v3/oauth2/login

EU Endpoint

curl -X POST \
  -H 'Content-Type: application/json' \
  -d '{"email": "< email@address >", "password": "< password >"}' \
  https://api.powerchord.eu/v3/oauth2/login

Response

{
  "Token": "< token string >"
}

Create OAuth Client

Using the acquired token, create a new OAuth Client.

Request

US Endpoint

curl -X POST \
  -H 'Authorization: Bearer < token string >' \
  https://api.powerchord.com/v3/oauth2/client

EU Endpoint

curl -X POST \
  -H 'Authorization: Bearer < token string >' \
  https://api.powerchord.eu/v3/oauth2/client

Response

{
  "ID": "997a35de-505a-401f-bd8f-fd63ca8da4ae",
  "ReadOnly": false,
  "CreatedAt": "2021-05-14T13:37:14.424586Z",
  "UpdatedAt": "2021-05-14T13:37:14.424586Z",
  "Secret": "f0a1f042255bd6fc6fafdbb19f1a1eb9",
  "Domain": "",
  "UserID": "60830a31fd71ca0001a3fafc"
}

NOTE: Make note of the client Secret. This value will only be available in this response.

Client Authentication

To authorize requests, we’ll use the OAuth client to generate OAuth tokens. The service you are connecting from will use these OAuth tokens to authorize against PowerChord services.

Generate OAuth access and refresh tokens

Since this request passes the < client_secret >, it should never be made from a location in which others are able to see it.

In the following request, replace < client_id > and < client_secret > with the values found in your responses.

  • < client_id > and < client_secret > would be replaced with 997a35de-505a-401f-bd8f-fd63ca8da4ae and f0a1f042255bd6fc6fafdbb19f1a1eb9 from the example responses provided above.

Request

US Endpoint

curl -X POST \
    'https://api.powerchord.com/v3/oauth2/token?grant_type=client_credentials&client_id=< client_id >&client_secret=< client_secret >'

EU Endpoint

curl -X POST \
    'https://api.powerchord.eu/v3/oauth2/token?grant_type=client_credentials&client_id=< client_id >&client_secret=< client_secret >'

Response

{
  "access_token": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiIwMzYzMDhiOS0wOGMxLTQ5Y2ItOTBjYy1hZDMyZjU2MmU1ZDciLCJleHAiOjE2MjA5MzI3MTF9.JlEmGYTN0Tk4K8eQB7To9UY3cOuD50WRolQHHN_Ga0LpHG-Hlz6mdu1HOh0rWSD4hKRHLp649X6viMxuqgio4A",
  "expires_in": 10800,
  "refresh_token": "VLOLRUQEV2GYA83GIINI4Q",
  "token_type": "Bearer"
}

Use the provided access_token as a Bearer token for all future requests against PowerChord services.

Example header:

Authorization: Bearer eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiIwMzYzMDhiOS0wOGMxLTQ5Y2ItOTBjYy1hZDMyZjU2MmU1ZDciLCJleHAiOjE2MjA5MzI3MTF9.JlEmGYTN0Tk4K8eQB7To9UY3cOuD50WRolQHHN_Ga0LpHG-Hlz6mdu1HOh0rWSD4hKRHLp649X6viMxuqgio4A

Refreshing the Access Token

If you receive a 401 - Not Authorized response after your access token has expired, you can refresh your access token, as long as the refresh token has not also expired.

  • OAuth Access tokens have a default expiration of 3 hours.
  • OAuth Refresh Tokens have a default expiration of 3 days.

The following request can be used to refresh your access token:

Request

US Endpoint

curl -X POST \
  'https://api.powerchord.com/v3/oauth2/token?grant_type=refresh_token&client_id=< client_id >&client_secret=< client_secret >&refresh_token=< refresh_token >'

EU Endpoint

curl -X POST \
  'https://api.powerchord.eu/v3/oauth2/token?grant_type=refresh_token&client_id=< client_id >&client_secret=< client_secret >&refresh_token=< refresh_token >'

Response

{
    "access_token": "eyJhbGciOiJIUzUxMiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiIwMzYzMDhiOS0wOGMxLTQ5Y2ItOTBjYy1hZDMyZjU2MmU1ZDciLCJleHAiOjE2MjEwMTc3MTh9.3wPpqWPl66wb_O-9BXrmdm_IEE9J17Sw1G-w-Ayf1ds9KToG_-xoFgRBIrxUoQy2HYkD5MSzzBuW5tM0WNE_yQ",
    "expires_in": 10800,
    "refresh_token": "M_BQHZFKVJEGRSU8PAYQ8G",
    "token_type": "Bearer"
}
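
Added example (not PowerChord's own code): a small Python token cache that ties together the client_credentials and refresh_token requests above, renewing the access token from expires_in and falling back to a fresh client_credentials grant once the 3-day refresh window has passed. TokenManager, http_post, the 60-second skew and the 2xx success check are assumptions of this sketch; because the request URL carries client_secret, error messages deliberately omit it.

```python
import json, time
import urllib.error, urllib.parse, urllib.request

TOKEN_URL = "https://api.powerchord.com/v3/oauth2/token"  # US endpoint from the page

def http_post(url):
    """Default transport: empty-body POST, returns (status, parsed JSON or {})."""
    req = urllib.request.Request(url, data=b"", method="POST")
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, json.load(resp)
    except urllib.error.HTTPError as err:
        return err.code, {}

class TokenManager:
    """Caches the access token and renews it shortly before it expires."""
    REFRESH_TTL = 3 * 24 * 3600  # page: refresh tokens expire after 3 days by default
    SKEW = 60                    # assumption: renew 60 s early to absorb clock drift

    def __init__(self, client_id, client_secret, post=http_post, clock=time.time):
        self._id, self._secret = client_id, client_secret
        self._post, self._clock = post, clock
        self._access = self._refresh = None
        self._access_exp = self._refresh_exp = 0.0

    def _grant(self, grant_type, **extra):
        query = urllib.parse.urlencode({"grant_type": grant_type, "client_id": self._id,
                                        "client_secret": self._secret, **extra})
        status, body = self._post(f"{TOKEN_URL}?{query}")
        if not 200 <= status < 300 or "access_token" not in body:
            # Report only grant type and status: the URL carries client_secret.
            raise RuntimeError(f"{grant_type} grant failed with HTTP {status}")
        now = self._clock()
        self._access, self._refresh = body["access_token"], body.get("refresh_token")
        self._access_exp = now + body["expires_in"] - self.SKEW
        self._refresh_exp = now + self.REFRESH_TTL - self.SKEW

    def invalidate(self):
        """Call after a 401 response so the next auth_header() renews the token."""
        self._access_exp = 0.0

    def auth_header(self):
        now = self._clock()
        if self._access is None or now >= self._access_exp:
            if self._refresh and now < self._refresh_exp:
                self._grant("refresh_token", refresh_token=self._refresh)
            else:
                self._grant("client_credentials")  # first use, or refresh token expired
        return {"Authorization": f"Bearer {self._access}"}
```

Load the client ID and Secret from the environment or a secret store when constructing TokenManager, and call invalidate() whenever a request comes back 401.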
   

Copyright © 2024