OAuth Integration Guide

TIP

Access to our APIs is evaluated on a case-by-case basis. To find out if your use case is one that we support feel free to get in touch with the details of your project. partners@litmus.com

OAuth2 is a protocol that allows external applications to act on behalf of Litmus users without the user having to reveal their Litmus username, password or API key, instead the user grants permissions to an application.

Litmus currently supports:

• the OAuth2.0 Web Application Flow (also known as "Authorization Code Grant" flow); and
• the OAuth2.0 Client Credentials Flow (also known as "Client Credentials Grant" flow).

Before you start

1. Contact resellers@litmus.com to request a new API application.
   You'll need to provide us:

   • application name
   • OAuth callback URI --- whitelist a URI within your application that will handle exchanging an authorization code for a token (must be HTTPS, multiple can be provided)

2. In return we'll provide you:

   • client_id
   • client_secret (must be kept private)

Libraries

A list of battle tested client libraries for simplifying integration can be found on the OAuth project site.

For integrating with ruby applications we also provide an omniauth-litmus strategy.