Accounts

Authentication to apps.

get
Get Accounts

/auth/:componentType
Get the list of accounts the user has previously authenticated with for this component type. curl "https://api.acme.com/auth/appmixer.slack.list.SendChannelMessage?componentId=e15ef119-8fcb-459b-aaae-2a3f9ee41f15" -H "Authorization: Bearer [ACCESS_TOKEN]"
Request
Response
Request
Path Parameters
componentType
required
string
Component Type.
Query Parameters
componentId
required
string
Component ID.
Response
200: OK
"componentType": "appmixer.slack.list.SendChannelMessage",
"auth": {
"accounts": {
"5a6e21f3b266224186ac7d03": {
"accessTokenValid": true,
"accountId": "5a6e21f3b266224186ac7d03",
"tokenId": "5a6e21f3b266224186ac7d04",
"componentAssigned": true,
"componentId": "e25dc901-f92a-46a2-8d29-2573d4ad65e5",
"scopeValid": true,
"authorizedScope": [
"channels:read",
"chat:write:user"
],
"name": "U0UFJ0MFG - client IO",
"displayName": "client IO"
}
}
}
}

get
Get All Accounts

/accounts
Get the list of all accounts the user has authenticated with to any component. curl "https://api.appmixer.com/accounts" -H "Authorization: Bearer [ACCESS_TOKEN]"
Request
Response
Request
Query Parameters
filter
optional
string
You can filter accounts.
Response
200: OK
[
{
"accountId": "5a6e21f3b266224186ac7d03",
"name": "U0UFJ0MFG - client IO",
"displayName": null,
"service": "appmixer:slack",
"userId": "58593f07c3ee4f239dc69ff7",
"profileInfo": {
"id": "U0UFJ0MFG - client IO"
},
"icon": "data:image/png;base64,...rkJggg==",
"label": "Slack"
},
{
"accountId": "5a7313abb3a60729efe76f1e",
"name": "[email protected]",
"displayName": null,
"service": "appmixer:pipedrive",
"userId": "58593f07c3ee4f239dc69ff7",
"profileInfo": {
"name": "tomas",
"email": "[email protected]"
},
"icon": "data:image/png;base64,...rkJggg==",
"label": "Pipedrive"
}
]

Example of filtering certain accounts:

// filtering acme accounts and aws accounts
curl --request GET 'http://api.acme.com/accounts?filter=service:!acme:[service]&filter=service:!appmixer:aws' \
--header 'Authorization: Bearer [ACCESS_TOKEN]'

put
Update Account Info

/accounts/:accountId
Update account information. Currently, only the display name can be updated. The display name is visible in the Designer inspector when selecting available accounts for a component type and also on the Accounts page. curl -XPUT "https://api.appmixer.com/accounts/5a6e21f3b266224186ac7d03" -H "Authorization: Bearer [ACCESS_TOKEN]" -H "Content-Type: application/json" -d '{ "displayName": "My Account Name" }'
Request
Response
Request
Path Parameters
accountId
required
string
The ID of the account to update.
Form Data Parameters
optional
string
Human-readable name of the account.
Response
200: OK

post
Create Account

/accounts
This can be used to create an account. Usually, an account is created when the user authenticates a component. There are scenarios where it is beneficial to create an account without user interaction (Integrations). There has to be an authentication module (auth.js) installed in Appmixer corresponding to the `service` ID. All the built-in authentication types are supported (Oauth1, Oauth2, API Key).
Request
Response
Request
Query Parameters
validateScope
optional
string
If false, then the scope of the token from the body won't be validated against components installed in Appmixer.
requestProfileInfo
optional
string
If false, then the auth module requestProfileInfo function won't be called.
Body Parameters
displayName
optional
string
Display name property of the account. This overrides the name of the account in the frontend.
name
optional
string
Name of the account, the authentication will determine the name of the account using the accountNameFromProfileInfo property.
service
required
string
ID (vendor:service) of the service - `appmixer:google` for example.
token
required
object
The structure of this object depends on the authentication type (Oauth1, Oauth2, API Key).
profileInfo
optional
object
Can be provided directly. If not, requestProfileInfo from the authentication module will be called.
Response
200: OK
{
"accountId": "5f841f3a43f477a9fa8fa4e9",
"name": "[Name of the account]",
"displayName": null,
"service": "[vendor:service]",
"userId": "5f804b96ea48ec47a8c444a7",
"profileInfo": {
},
"pre": {},
"revoked": false
}

Below is an example of a request to create s Slack (Oauth2) account.

curl --request POST 'https://api.acme.com/accounts' \
--header 'Authorization: Bearer [ACCESS_TOKEN]' \
--header 'Content-Type: application/json' \
--data-raw '{
"service": "appmixer:slack",
"token": {
"accessToken": "[slack access token]",
"scope": [
"channels:write",
"groups:write",
"channels:read",
"channels:history",
"groups:read",
"groups:history",
"users:read",
"chat:write:user"
]
},
"profileInfo": {
"id" : "[Name of the account that will be used in the frontend]"
}
}'

The profileInfo object is optional. If you provide it it will be used. If you do not provide it then the requestProfileInfo from the authentication module will be used to get the profile info. Slack access tokens do not expire, therefore there is neither an expiration date nor a refresh token in the request.

Below is another example, this time for Google (Oauth2) account with access token expiration:

curl --request POST 'https://api.acme.com/accounts' \
--header 'Authorization: Bearer [ACCESS_TOKEN]' \
--header 'Content-Type: application/json' \
--data-raw '{
"service": "appmixer:google",
"token": {
"token": "[google access token]",
"expDate": "2021-02-04 15:34:48.833Z",
"refreshToken": "[google refresh token]",
"scope": [
"https://www.googleapis.com/auth/analytics",
"https://www.googleapis.com/auth/analytics.readonly",
"https://www.googleapis.com/auth/calendar",
"https://www.googleapis.com/auth/calendar.readonly",
"https://www.googleapis.com/auth/drive",
"https://www.googleapis.com/auth/drive.appdata",
"https://www.googleapis.com/auth/drive.file",
"https://mail.google.com/",
"https://www.googleapis.com/auth/gmail.compose",
"https://www.googleapis.com/auth/gmail.send",
"https://www.googleapis.com/auth/gmail.readonly",
"https://spreadsheets.google.com/feeds",
"profile",
"email"
]
}
}'

One more example, this time an API Key account:

curl --request POST 'https://api.acme.com/accounts' \
--header 'Authorization: Bearer [ACCESS_TOKEN]' \
--header 'Content-Type: application/json' \
--data-raw '{
"service": "appmixer:aws",
"token": {
"accessKeyId" : "[AWS access key ID]",
"secretKey" : "[AWS secret key]"
}
}'

post
Test Account

/accounts/:accountId/test
Test account. Check if all the credentials (tokens) are still valid for the account. curl -XPOST "https://api.appmixer.com/accounts/5a6e21f3b266224186ac7d03/test" -H "Authorization: Bearer [ACCESS_TOKEN]"
Request
Response
Request
Path Parameters
accountId
required
string
Account ID.
Response
200: OK
{ "5a6e21f3b266224186ac7d04": "valid" }

delete
Remove Account

/accounts/:accountId
Remove the account and stop all the flows that this account is used in. curl -XDELETE "https://api.appmixer.com/accounts/5a6e21f3b266224186ac7d03" -H "Authorization: Bearer [ACCESS_TOKEN]"
Request
Response
Request
Path Parameters
accountId
required
string
Account ID.
Response
200: OK
{ "accountId": "5abcd0ddc4c335326198c1b2" }

get
List All Flows Using Account

/accounts/:accountId/flows
List all the flows where the account is used. curl "https://api.appmixer.com/accounts/5a6e21f3b266224186ac7d03/flows" -H "Authorization: Bearer [ACCESS_TOKEN]"
Request
Response
Request
Path Parameters
accountId
required
string
Account ID.
Response
200: OK
[
{
"flowId": "9251b4b6-4cdb-42ad-9431-1843e05307be",
"name": "Flow #1"
},
{
"flowId": "777d3024-43f6-4034-ac98-1cb5f320cb3a",
"name": "Flow #2"
},
{
"flowId": "9089f275-f5a5-4796-ba23-365412c5666e",
"name": "Flow #3"
}
]

post
Generate Authentication Session Ticket

/auth/ticket
Generate an authentication session ticket. This is the first call to be made before the user can authentication to a service. The flow is as follows: 1. Generate an authentication session ticket. 2. Get an authentication URL. 3. Start an authentication session. 4. Open the authentication URL in a browser to start the authentication flow. 5. Once the user completes the authentication flow, the browser redirects the user to a special Appmixer page which posts a message of the form "appmixer.auth.[success/failure].[ticket]" via the window.postMessage() call: https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage. Note that this is a low-level mechanism that you don't have to normally deal with. The Appmixer JS SDK handles all this for you. curl "https://api.appmixer.com/auth/ticket" -H "Authorization: Bearer [ACCESS_TOKEN]"
Request
Response
Request
Response
200: OK
{ "ticket": "58593f07c3ee4f239dc69ff7:1d2a90df-b192-4a47-aaff-5a80bab66de5" }

get
Get Authentication URL

/auth/:componentType/auth-url/:ticket
Get an authentication URL. curl "https://api.appmixer.com/auth/appmixer.slack.list.SendChannelMessage/auth-url/58593f07c3ee4f239dc69ff7:1d2a90df-b192-4a47-aaff-5a80bab66de5" -H "Authorization: Bearer [ACCESS_TOKEN]"
Request
Response
Request
Path Parameters
ticket
required
string
Authentication ticket.
componentType
required
string
Component type.
Query Parameters
required
string
Component ID.
Response
200: OK
{
"authUrl": "https://slack.com/oauth/authorize?response_type=code&client_id=25316748213.218351034294&redirect_uri=http%3A%2F%2Flocalhost%3A2200%2Fauth%2Fslack%2Fcallback&state=38133t07c3ee4f369dc69ff7%3A1d2a90df-b192-4a47-aaff-5a80bab66de5&scope=channels%3Aread%2Cchat%3Awrite%3Auser"
}

put
Start Authentication Session

/auth/:componentType/ticket/:ticket
Start the authentication session. curl -XPUT "https://api.appmixer.com/auth/appmixer.slack.list.SendChannelMessage/ticket/58593f07c3ee4f239dc69ff7:68982d38-d00c-4345-9a4a-82360d7e1649" -H "Authorization: Bearer [ACCESS_TOKEN]"
Request
Response
Request
Path Parameters
ticket
required
string
Authentication session ticket.
componentType
required
string
Component type.
Response
200: OK
{
"service": "appmixer:slack"
}

delete
Clear Authentication From Component

/auth/component/:componentId
Clear authentication associated with the component. Note that this call does not remove the account, it only removes the association of an account with a component. curl -XDELETE "https://api.appmixer.com/auth/component/e25dc901-f92a-46a2-8d29-2573d4ad65e5" -H "Authorization: Bearer [ACCESS_TOKEN]"
Request
Response
Request
Path Parameters
componentId
required
string
Component ID.
Response
200: OK
{ "componentId": "e25dc901-f92a-46a2-8d29-2573d4ad65e5" }

put
Assign Account To Component

/auth/component/:componentId/:accountId
Assign an account to a component. curl -XPUT "https://api.appmixer.com/auth/component/e25dc901-f92a-46a2-8d29-2573d4ad65e5/5a6e21f3b266224186ac7d03" -H "Authorization: Bearer [ACCESS_TOKEN]"
Request
Response
Request
Path Parameters
accountId
required
string
Account ID.
componentId
required
string
Component ID.
Response
200: OK
{
"accountId":"5a6e21f3b266224186ac7d03",
"componentId":"e25dc901-f92a-46a2-8d29-2573d4ad65e5"
}