Identify auth code with parther client id

My solution needs handle callback from one and more pipedrive account.

How can I recognise via auth code, who owner?

I have client_id and client_secret

Form ChatGPT)

When making API requests to Pipedrive CRM, you can include the client_id and client_secret as part of the authorization process to obtain an access token for a specific Pipedrive account.

To identify the owner of the Pipedrive account that authorized your solution, you can make a request to the Pipedrive API to retrieve information about the authorized user using the access token.

Here’s an example API request that retrieves information about the authorized user:

bashCopy code

GET https://api.pipedrive.com/v1/users/me?api_token=ACCESS_TOKEN

Replace ACCESS_TOKEN with the access token obtained through the authorization process. The response from this API request will include information about the authorized user, including their email address and user ID. You can use this information to identify the owner of the Pipedrive account that authorized your solution.

but I didn’t find that endpoint

I assume, best way it provide name of partner on callback

So you need a way to associate your records with the authenticated user. So when they add your app, they’ll go through and oauth flow to your app. You get a code in the callback from pipedrive , you use that to get an oauth token from them (https://oauth.pipedrive.com/oauth/token) then you have a token to use with their api. So you call /users/me and the resulting json gives you an company_id and company_domain which you can use to identify them. You already know their user account your end cos they should be authenticated in your app as part of the oauth flow (oauth redirect them to your app, you app requires login, user logs into your account, then hits your oauth callback endpoint) so you know your user_id and now you can get their company_id and now you can save that however it makes sense.

This is my rough C# equivalent, where code is part of the url string you receive in the callback, which I run after I’ve authenticated and authorized the user.

var result = new Dictionary<string, string>();
result.Add("grant_type", "authorization_code");
result.Add("code", code);
result.Add("redirect_uri", _appSettings.PipedriveCallbackUrl);
result.Add("Content-Type", "application/x-www-form-urlencoded");
try {
    // var stringContent = new StringContent(JsonConvert.SerializeObject(result), Encoding.UTF8, "application/x-www-form-urlencoded");
    client.DefaultRequestHeaders.TryAddWithoutValidation(
            "Authorization",
            string.Format("Basic {0}", StringHelper.Base64Encode(string.Format("{0}:{1}", _appSettings.PipedriveOauthClientId, _appSettings.PipedriveOauthClientSecret)))
    );
    // client.DefaultRequestHeaders.Add("Content-Type", "application/x-www-form-urlencoded");
    var encodedContent = new FormUrlEncodedContent(result);
    var response = client.PostAsync("https://oauth.pipedrive.com/oauth/token", encodedContent).Result;
    if (!response.IsSuccessStatusCode)
    {
      // handle the exception
      return;
    }
  // handle success - save your user data from the response
  // call https://api.pipedrive.com/v1/users/me?api_token=>token>
  // Then get your company_id or whatever you need to associate

Hope that makes sense and helps.