Please remember that OAuth2 is required for all public apps to be approved.
OAuth provides a secure way for your application to access Gorgias data without having to store or use sensitive data such as passwords/access tokens of Gorgias users. OAuth2 also provides more granular permissions via OAuth2 Scopes which further increases the security of our customers' data.
In OAuth2, the authentication is done using Bearer Access Tokens. Once you get them you can perform API calls like so:
curl --request GET \ --url https://your-customer-account.gorgias.com/api/account \ --header 'Authorization: Bearer YOUR-PLAIN-TEXT-ACCESS-TOKEN'
Access Token expiration
Please remember that OAuth Bearer Access Tokens expire after some time. This is done because sometimes applications only need temporary access to the API (e.g.: one time data import).
If your app needs permanent access you should request the
offlinescope described in OAuth2 Scopes and get a
refresh_tokenthat can be used to get a new
access_tokenwhen the old one expires.
Updated 9 months ago