Server Based Access to PipeDrive API

#1

I was using a generic API key in order to access the PipeDrive API from a server. This server maintains data integrity between our database and our PipeDrive data.

I recently saw this announcement:
Warning!

As of December 2, 2019 , we will be removing the Authorizations endpoint:

** POST /authorizations*

We deprecated this endpoint on February 28, 2019, and we strongly advise you to avoid the use of this endpoint. The /authorizations endpoint is a legacy way of authorization using generic API keys. Such an approach does not provide transparency into which applications have access to data nor the opportunity to control the permissions these integrations have. Therefore we suggest using OAuth Authorization.

In case you are using the /authorizations API endpoint in your code or 3rd party app/integration, please remove any dependency on this endpoint as soon as possible.

Please tell me that there is a way via your new implementation of OAuth that I can get a server based type of Key, just like GMail allows me to do, so that I don’t have to have a user signing in every time the server wants to make a call to the PipeDrive API.

  • Peter
#2

Hi Peter,
if you choose to use OAuth, the user will only have to approve the app once.
You can then store the access_token and refresh_token on your server, and you’ll be able to make calls for that specific user until they decide to uninstall the app.

Does that help?

#3

Dani,

It does help. Do you have a guide of moving to OAuth from your current Auth endpoint?

Peter

#4

I made a video on how to build an app that you might find useful. You can take a look here: https://www.youtube.com/watch?v=U6GBrUmfaR4

Also, you can read our documentation. You can start, for example, here: https://pipedrive.readme.io/docs/marketplace-creating-a-proper-app

Happy to help further if I can :slight_smile:

#5

Also, @psotos, there is an endpoint that you can use to convert an api_token to a pair of access_token and refresh_token. Which means that if you have the api_token of an user, you can install your app for them, without having them go through the authorization process.

Here’s how to use it: https://pipedrive.readme.io/docs/marketplace-migrating-existing-integration-users

#6

Thank you! Super helpful. I will look into converting our app soon. Its written in Java Spring 5

1 Like