Table of Contents
- What is OAuth?
- Creating a new OAuth application
- Creating a new developer application
- Revoking user tokens
- Deleting an application
- Interacting with the API through OAuth
When creating an application that requires access to DNSimple or letting an external application request authorization to private details in a user’s DNSimple account without getting their password, you’ll need an OAuth token.
If you only need basic access to the API, a regular user or account token can be used instead.
What is OAuth?
OAuth 2 is a protocol that lets external applications request authorization to private details in a user’s DNSimple account without getting their password. This is preferred over Basic Authentication, because tokens can be revoked by users at any time.
Developers need to register their application before starting. A registered OAuth application is assigned a unique client ID and client secret. The client secret should not be shared.
Creating a new OAuth application
To generate an OAuth application, log in to your account, and navigate to your account page.
Once you’re there, click on the link in the left menu, then go to Developer Applications at the bottom of the screen.
Your applications are listed here. This also lets you create a new application or remove an existing one.
Creating a new developer application
Click on the link to add a new access token.
When you create a new application, you’ll need to provide a few details, including Application Name, a Homepage URL, and an Authorization Callback URL.
Adding an application description is optional.
When created, you’ll be taken to the page with your new application, showing your Client ID and Client Secret.
Both the Client ID and Client Secret are unique to your application, and the client secret should not be shared.
Revoking user tokens
You can revoke all user tokens for your application by clicking the ‘Revoke’ button.
This cannot be undone. All clients will lose access to your application.
Deleting an application
To delete an application, click the ‘Delete’ button.
This action cannot be undone, and will permanently delete your application. Any clients using the application will no longer be able to access DNSimple.
When deleting an application, you’ll receive a warning prompt to ensure you want to continue.
Interacting with the API through OAuth
For more details and step-by-step instructions on how to interact with DNSimple’s API through OAuth, check our our developer guide here.