Appearance
OAuth 2.0
Integrate your application with Archilogic using OAuth 2.0 to access floor plans, spaces, and building data on behalf of users.
Authorization Code Flow
Archilogic supports the OAuth 2.0 authorization code flow. For server-to-server integrations, use Secret Access Tokens instead.
1. Authorization
<endpoint>/oauth/authorize?
response_type=code&
client_id=YOUR_CLIENT_ID&
state=RANDOM_STATE_VALUE
Users will be prompted to approve permissions on first authorization. After consent, they're redirected to your redirect_uri
with an authorization code.
2. Token Exchange
bash
curl -X POST <endpoint>/oauth/token \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=authorization_code" \
-d "code=AUTHORIZATION_CODE"
Returns:
json
{
"access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
"token_type": "bearer"
}
INFO
Authorization codes expire after 5 minutes. Access tokens are long-lived.
3. API Access
bash
curl -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
"https://api.archilogic.com/v2/floor/FLOOR_ID"
Configuration
Scopes
OAuth applications use the same scopes as secret access tokens. Configure scopes when registering your application with Archilogic support.
Managing Consents
Users can view and revoke application permissions at any time through their Archilogic account settings.
Application Registration
To register your OAuth application, contact Archilogic support with:
- Application name
- Redirect URI(s)
- Required scopes
Rate Limiting
OAuth tokens follow standard API rate limits.
Error Codes
Error Code | Description | Solution |
---|---|---|
invalid_client | Client authentication failed | Verify client ID |
invalid_grant | Authorization code is invalid/expired (codes expire after 5 minutes) | Request new authorization |
invalid_scope | Requested scope is invalid | Use supported scopes only |
access_denied | User denied authorization | Handle gracefully in your app |
server_error | Internal server error | Retry with exponential backoff |
Related Resources
- Authentication - Overview of all authentication methods
- API Reference - Complete API documentation
- Contact Support - Get help with integration