All URIs are relative to https://app.quantimo.do/api
| Method | HTTP request | Description |
|---|---|---|
| getAccessToken | GET /v3/oauth2/token | Get a user access token |
| getOauthAuthorizationCode | GET /v3/oauth2/authorize | Request Authorization Code |
| postGoogleIdToken | POST /v3/googleIdToken | Post GoogleIdToken |
getAccessToken($grant_type, $code, $response_type, $scope, $client_id, $client_secret, $redirect_uri, $state, $platform)
Get a user access token
Client provides authorization token obtained from /api/v3/oauth2/authorize to this endpoint and receives an access token. Access token can then be used to query API endpoints. ### Request Access Token After user approves your access to the given scope form the https:/app.quantimo.do/v1/oauth2/authorize endpoint, you'll receive an authorization code to request an access token. This time make a POST request to /api/v1/oauth/access_token with parameters including: * grant_type Can be authorization_code or refresh_token since we are getting the access_token for the first time we don't have a refresh_token so this must be authorization_code. * code Authorization code you received with the previous request. * redirect_uri Your application's redirect url. ### Refreshing Access Token Access tokens expire at some point, to continue using our api you need to refresh them with refresh_token you received along with the access_token. To do this make a POST request to /api/v1/oauth/access_token with correct parameters, which are: * grant_type This time grant type must be refresh_token since we have it. * clientId Your application's client id. * client_secret Your application's client secret. * refresh_token The refresh token you received with the access_token. Every request you make to this endpoint will give you a new refresh token and make the old one expired. So you can keep getting new access tokens with new refresh tokens. ### Using Access Token Currently we support 2 ways for this, you can't use both at the same time. * Adding access token to the request header as Authorization: Bearer {access_token} * Adding to the url as a query parameter ?access_token={access_token} You can read more about OAuth2 from here
<?php
require_once(__DIR__ . '/vendor/autoload.php');
// Configure API key authorization: access_token
$config = QuantiModo\Client\Configuration::getDefaultConfiguration()->setApiKey('access_token', 'YOUR_API_KEY');
// Uncomment below to setup prefix (e.g. Bearer) for API key, if needed
// $config = QuantiModo\Client\Configuration::getDefaultConfiguration()->setApiKeyPrefix('access_token', 'Bearer');
// Configure OAuth2 access token for authorization: quantimodo_oauth2
$config = QuantiModo\Client\Configuration::getDefaultConfiguration()->setAccessToken('YOUR_ACCESS_TOKEN');
$apiInstance = new QuantiModo\Client\Api\AuthenticationApi(
// If you want use custom http client, pass your client which implements `GuzzleHttp\ClientInterface`.
// This is optional, `GuzzleHttp\Client` will be used as default.
new GuzzleHttp\Client(),
$config
);
$grant_type = "grant_type_example"; // string | Grant Type can be 'authorization_code' or 'refresh_token'
$code = "code_example"; // string | Authorization code you received with the previous request.
$response_type = "response_type_example"; // string | If the value is code, launches a Basic flow, requiring a POST to the token endpoint to obtain the tokens. If the value is token id_token or id_token token, launches an Implicit flow, requiring the use of Javascript at the redirect URI to retrieve tokens from the URI #fragment.
$scope = "scope_example"; // string | Scopes include basic, readmeasurements, and writemeasurements. The `basic` scope allows you to read user info (displayName, email, etc). The `readmeasurements` scope allows one to read a user's data. The `writemeasurements` scope allows you to write user data. Separate multiple scopes by a space.
$client_id = "client_id_example"; // string | Your QuantiModo client id can be obtained by creating an app at https://builder.quantimo.do
$client_secret = "client_secret_example"; // string | This is the secret for your obtained clientId. We use this to ensure that only your application uses the clientId. Obtain this by creating a free application at [https://builder.quantimo.do](https://builder.quantimo.do).
$redirect_uri = "redirect_uri_example"; // string | The redirect URI is the URL within your client application that will receive the OAuth2 credentials.
$state = "state_example"; // string | An opaque string that is round-tripped in the protocol; that is to say, it is returned as a URI parameter in the Basic flow, and in the URI
$platform = "platform_example"; // string | Ex: chrome, android, ios, web
try {
$apiInstance->getAccessToken($grant_type, $code, $response_type, $scope, $client_id, $client_secret, $redirect_uri, $state, $platform);
} catch (Exception $e) {
echo 'Exception when calling AuthenticationApi->getAccessToken: ', $e->getMessage(), PHP_EOL;
}
?>| Name | Type | Description | Notes |
|---|---|---|---|
| grant_type | string | Grant Type can be 'authorization_code' or 'refresh_token' | |
| code | string | Authorization code you received with the previous request. | |
| response_type | string | If the value is code, launches a Basic flow, requiring a POST to the token endpoint to obtain the tokens. If the value is token id_token or id_token token, launches an Implicit flow, requiring the use of Javascript at the redirect URI to retrieve tokens from the URI #fragment. | |
| scope | string | Scopes include basic, readmeasurements, and writemeasurements. The `basic` scope allows you to read user info (displayName, email, etc). The `readmeasurements` scope allows one to read a user's data. The `writemeasurements` scope allows you to write user data. Separate multiple scopes by a space. | |
| client_id | string | Your QuantiModo client id can be obtained by creating an app at https://builder.quantimo.do | [optional] |
| client_secret | string | This is the secret for your obtained clientId. We use this to ensure that only your application uses the clientId. Obtain this by creating a free application at https://builder.quantimo.do. | [optional] |
| redirect_uri | string | The redirect URI is the URL within your client application that will receive the OAuth2 credentials. | [optional] |
| state | string | An opaque string that is round-tripped in the protocol; that is to say, it is returned as a URI parameter in the Basic flow, and in the URI | [optional] |
| platform | string | Ex: chrome, android, ios, web | [optional] |
void (empty response body)
access_token, quantimodo_oauth2
- Content-Type: application/json
- Accept: application/json
[Back to top] [Back to API list] [Back to Model list] [Back to README]
getOauthAuthorizationCode($response_type, $scope, $client_id, $client_secret, $redirect_uri, $state, $platform)
Request Authorization Code
You can implement OAuth2 authentication to your application using our OAuth2 endpoints. You need to redirect users to /api/v3/oauth2/authorize endpoint to get an authorization code and include the parameters below. This page will ask the user if they want to allow a client's application to submit or obtain data from their QM account. It will redirect the user to the url provided by the client application with the code as a query parameter or error in case of an error. See the /api/v1/oauth/access_token endpoint for the next steps.
<?php
require_once(__DIR__ . '/vendor/autoload.php');
// Configure API key authorization: access_token
$config = QuantiModo\Client\Configuration::getDefaultConfiguration()->setApiKey('access_token', 'YOUR_API_KEY');
// Uncomment below to setup prefix (e.g. Bearer) for API key, if needed
// $config = QuantiModo\Client\Configuration::getDefaultConfiguration()->setApiKeyPrefix('access_token', 'Bearer');
// Configure OAuth2 access token for authorization: quantimodo_oauth2
$config = QuantiModo\Client\Configuration::getDefaultConfiguration()->setAccessToken('YOUR_ACCESS_TOKEN');
$apiInstance = new QuantiModo\Client\Api\AuthenticationApi(
// If you want use custom http client, pass your client which implements `GuzzleHttp\ClientInterface`.
// This is optional, `GuzzleHttp\Client` will be used as default.
new GuzzleHttp\Client(),
$config
);
$response_type = "response_type_example"; // string | If the value is code, launches a Basic flow, requiring a POST to the token endpoint to obtain the tokens. If the value is token id_token or id_token token, launches an Implicit flow, requiring the use of Javascript at the redirect URI to retrieve tokens from the URI #fragment.
$scope = "scope_example"; // string | Scopes include basic, readmeasurements, and writemeasurements. The `basic` scope allows you to read user info (displayName, email, etc). The `readmeasurements` scope allows one to read a user's data. The `writemeasurements` scope allows you to write user data. Separate multiple scopes by a space.
$client_id = "client_id_example"; // string | Your QuantiModo client id can be obtained by creating an app at https://builder.quantimo.do
$client_secret = "client_secret_example"; // string | This is the secret for your obtained clientId. We use this to ensure that only your application uses the clientId. Obtain this by creating a free application at [https://builder.quantimo.do](https://builder.quantimo.do).
$redirect_uri = "redirect_uri_example"; // string | The redirect URI is the URL within your client application that will receive the OAuth2 credentials.
$state = "state_example"; // string | An opaque string that is round-tripped in the protocol; that is to say, it is returned as a URI parameter in the Basic flow, and in the URI
$platform = "platform_example"; // string | Ex: chrome, android, ios, web
try {
$apiInstance->getOauthAuthorizationCode($response_type, $scope, $client_id, $client_secret, $redirect_uri, $state, $platform);
} catch (Exception $e) {
echo 'Exception when calling AuthenticationApi->getOauthAuthorizationCode: ', $e->getMessage(), PHP_EOL;
}
?>| Name | Type | Description | Notes |
|---|---|---|---|
| response_type | string | If the value is code, launches a Basic flow, requiring a POST to the token endpoint to obtain the tokens. If the value is token id_token or id_token token, launches an Implicit flow, requiring the use of Javascript at the redirect URI to retrieve tokens from the URI #fragment. | |
| scope | string | Scopes include basic, readmeasurements, and writemeasurements. The `basic` scope allows you to read user info (displayName, email, etc). The `readmeasurements` scope allows one to read a user's data. The `writemeasurements` scope allows you to write user data. Separate multiple scopes by a space. | |
| client_id | string | Your QuantiModo client id can be obtained by creating an app at https://builder.quantimo.do | [optional] |
| client_secret | string | This is the secret for your obtained clientId. We use this to ensure that only your application uses the clientId. Obtain this by creating a free application at https://builder.quantimo.do. | [optional] |
| redirect_uri | string | The redirect URI is the URL within your client application that will receive the OAuth2 credentials. | [optional] |
| state | string | An opaque string that is round-tripped in the protocol; that is to say, it is returned as a URI parameter in the Basic flow, and in the URI | [optional] |
| platform | string | Ex: chrome, android, ios, web | [optional] |
void (empty response body)
access_token, quantimodo_oauth2
- Content-Type: application/json
- Accept: application/json
[Back to top] [Back to API list] [Back to Model list] [Back to README]
postGoogleIdToken()
Post GoogleIdToken
Post GoogleIdToken
<?php
require_once(__DIR__ . '/vendor/autoload.php');
$apiInstance = new QuantiModo\Client\Api\AuthenticationApi(
// If you want use custom http client, pass your client which implements `GuzzleHttp\ClientInterface`.
// This is optional, `GuzzleHttp\Client` will be used as default.
new GuzzleHttp\Client()
);
try {
$apiInstance->postGoogleIdToken();
} catch (Exception $e) {
echo 'Exception when calling AuthenticationApi->postGoogleIdToken: ', $e->getMessage(), PHP_EOL;
}
?>This endpoint does not need any parameter.
void (empty response body)
No authorization required
- Content-Type: application/json
- Accept: application/json
[Back to top] [Back to API list] [Back to Model list] [Back to README]