I’ve created an App and a JSON Panel App Extension. This panel includes info from our data warehouse in Pipedrive.
I’m storing the user
refresh_token I got in the OAuth2 dance in a server side database.
When the Panel is drawn on the screen, Pipedrive makes a HTTP request to the API Endpoint that includes the expected parameters in the query string (according to the documentation,
resource, selectedIds, userId, companyId) and an unexpected parameter:
This is an example request, with some details hidden:
I’m not sure what’s this
I’ve tried using it as the
access_token for the API, but I’m getting an error.
I would like to clarify this because I’m not sure if I understand the process correctly.
Welcome to our Developers’ Community!
The token parameter in the URL is not for making any API requests. It’s there to help verify that the request came from a specific user/company in Pipedrive. Otherwise, anyone who knows the panel request URL could make requests on behalf of other users/companies.
The token can be decoded with either the panel’s JWT secret. Or if that’s not specified, then the
I hope this helps? Please let us know if you have further questions.
Thanks. This is gold; I think this should be added to the documentation.
This topic was automatically closed after 10 days. New replies are no longer allowed.