Create more integrations for your Bynder brand portal using the OAuth 2.0 setup to quickly provide authorized access to the Bynder API. This setup empowers you to create account-specific integrations to leverage Bynder throughout your brand ecosystem.
How to enable this feature in your portal?
Contact your Customer Success Manager to enable this feature in your portal.
Create a new OAuth App
- Navigate to Settings > Advanced Settings > Portal settings and click OAuth Apps.
- Click Register new application to create your first OAuth App.
- Configure your OAuth App.
- Click Register application to retrieve a Client ID and Client Secret for your OAuth application.
Note
The Client Secret is shown only once and must be regenerated if it is lost. If you regenerate it, existing operations that use the previous client secret will no longer work.
In addition, users who can manage OAuth Apps can revoke all refresh tokens for an OAuth App and, if needed, delete the application once and for all, which will permanently delete the application's associated refresh tokens.
Edit an Existing OAuth App
All OAuth App specifications can be changed except the OAuth scopes. When you want to modify the OAuth scopes, we recommend creating a new application.
- Go to Settings > Advanced Settings > Portal settings and click OAuth Apps.
- Click OAuth Apps.
- Click next to the application you want to modify.
- Modify your OAuth App information.
- Click Update application to save your changes.
Revoke Refresh Tokens
- Go to Settings > Advanced Settings > Portal settings and click OAuth Apps.
- Click OAuth Apps.
- Click next to the application you want to revoke the refresh tokens for.
- Click Revoke refresh tokens. A popup will open.
- Read the warning message and click Revoke all refresh tokens if you want to revoke the refresh tokens.
Note
This action cannot be undone.
Delete an Application
- Go to Settings > Advanced Settings > Portal settings and click OAuth Apps.
- Click OAuth Apps.
- Click next to the application you want to delete.
- Click Delete application. A popup will open.
- Read the warning message and click Delete to delete the application.
Note
This will permanently delete the application and revoke all associated refresh tokens. This action cannot be undone.
Part of the OAuth 2.0 specification is grant types, which are different methods for acquiring an access token to authorize API calls.
We currently offer the following grant types:
- Authorization Code + Refresh Token
The authorization code grant will allow you to access Bynder on a user's behalf. The application redirects the user to the authorization page, where the user must log in and approve the authorization request. If approved, Bynder will redirect the user to the application with an authorization code. The application can then exchange this code for an access token.
A refresh token can be obtained by specifying the offline scope in the authorization request. This token will not expire and allows the application to request new access tokens without user interaction.
- Client Credentials
The client credentials grant allows applications to obtain access tokens solely using the client ID and client secret without user interaction. In the case of Bynder, the issued access tokens will still be linked to the configured assigned user.
This grant is the most comparable to the OAuth 1.0a API tokens and is helpful for machine-to-machine interaction.
Please see our API documentation for a more detailed explanation of the endpoints: https://bynder.docs.apiary.io/#reference/oauth-2.0
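The grant types described above, as an added Python example (not Bynder's code or SDK): it builds the authorization request with the offline scope and a per-session state value, validates the callback before accepting the code, and assembles the token request body for each grant. The endpoint URL, redirect URI and function names are placeholders chosen for illustration; the parameter names follow RFC 6749, and the API documentation is authoritative for the real endpoints.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Placeholders (assumptions, not from the page): take the real authorization
# endpoint from the API documentation and use your own registered redirect URI.
AUTH_ENDPOINT = "https://portal.example.com/oauth2/auth"
REDIRECT_URI = "https://app.example.com/callback"


def build_authorization_url(client_id, scopes, want_refresh_token=True):
    """Return (url, state); the 'offline' scope asks for a refresh token."""
    scopes = list(scopes)
    if want_refresh_token and "offline" not in scopes:
        scopes.append("offline")
    state = secrets.token_urlsafe(32)  # unguessable; store in the user's session
    query = urlencode({"response_type": "code", "client_id": client_id,
                       "redirect_uri": REDIRECT_URI,
                       "scope": " ".join(scopes), "state": state})
    return f"{AUTH_ENDPOINT}?{query}", state


def code_from_callback(callback_url, expected_state):
    """Return the authorization code; reject errors and state mismatches."""
    params = parse_qs(urlparse(callback_url).query)
    if "error" in params:
        raise ValueError(f"authorization failed: {params['error'][0]}")
    state = params.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback is not from this session")
    if "code" not in params:
        raise ValueError("callback carries no authorization code")
    return params["code"][0]


def token_request(grant_type, client_id, client_secret, **extra):
    """Form body for the token endpoint, using RFC 6749 parameter names."""
    required = {"authorization_code": {"code", "redirect_uri"},
                "refresh_token": {"refresh_token"},
                "client_credentials": set()}[grant_type]
    missing = required - set(extra)
    if missing:
        raise ValueError(f"{grant_type} requires {sorted(missing)}")
    # Credentials in the body is one option RFC 6749 allows; HTTP Basic is the other.
    return {"grant_type": grant_type, "client_id": client_id,
            "client_secret": client_secret, **extra}
```

Because the client secret is shown only once and a refresh token obtained with the offline scope does not expire, keep both in a secrets store rather than in source code or logs.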
What does this mean for my existing integrations or scripts calling the Bynder API?
OAuth 2.0 works in parallel with OAuth 1.0a. They can coexist, but we want to promote OAuth 2.0 (OAuth Apps) as much as possible since it is the newest implementation to provide authorized access to the Bynder API and will be continuously improved.
What are the main benefits of OAuth 2.0?
Bynder's OAuth 2.0 scope implementation for OAuth Apps provides complete transparency to the user regarding what the application can request on the user's behalf. In addition, access tokens can now be refreshed, which means users no longer need to re-authenticate every 30 days. Instead, tokens can be refreshed in the background using the refresh token generated by the OAuth 2.0 service.
How to migrate my integrations from OAuth1 to OAuth 2.0?
Customers can easily upgrade to OAuth 2.0 by using our Bynder SDKs. The new endpoints and refresh mechanisms have been fully implemented in all our SDKs, allowing a fast upgrade for your integrations.
How can I update my OAuth App over time?
All OAuth App specs can be changed except for OAuth scopes. At this point, updating the OAuth scopes of an existing application is not implemented. Therefore, we recommend you create a new application.