Introduction

Gofundo implements the OAuth 2.0 specification.

Accessing the OAuth 2.0 API

When signed into the Gofundo user interface, browse to Instellingen > API-koppeling. There you will find a table of all active (non-revoked) API clients relevant to your current instance of Gofundo.

Click on Nieuwe client in order to create new API client and secret tokens. The name is mostly for your administration and the redirect URI is what the authentication process will redirect back to with the relevant tokens once authenticated.

Once you have created the new API client your Client ID can be found inside the table. The Client Secret can be found by hovering over the table row and pressing Bekijk secret.

When authenticating the following grand types are supported: authorization_code, password and client_credentials.

All access tokens have an expiration of 2 weeks and refresh tokens expire after 1 hour.

All requests should contain the Accept header with value application/json.

Authorization

Once a client has been created, developers may use their client ID and secret to request an authorization code and access token from your application.

Requesting tokens

GET https://gofundo.nl/oauth/authorize

This request will return a JSON response containing access_token, refresh_token, and expires_in attributes. The expires_in attribute contains the number of seconds until the access token expires.

Query Parameters

{"error":"invalid_client","error_description":"Client authentication failed","message":"Client authentication failed"}

Getting access tokens

POST https://gofundo.nl/oauth/token

This request will return a JSON response containing access_token, refresh_token, and expires_in attributes. The expires_in attribute contains the number of seconds until the access token expires.

Request Body

Refreshing tokens

POST https://gofundo.nl/oauth/token

When the access_token has expired you will need to refresh your access_token via the refresh_token that was provided when the access token was issued.

Request Body