To call our API you'll need a token. You can get this token in two steps. To begin the flow, you'll need to get the user's authorization. You do this by redirecting the user to the authorize URL:
You need to add the following fields to the URL as query parameters:
This is your unique client ID, you'll get this when you become an Unless partner.
The URL you need the customer to redirect back to after authenticating. This needs to be whitelisted in our system.
Available scopes are:
The response type should be 'code'.
The audience should be 'https://auth-api.unless.com'
The user will see a login prompt and a consent dialog. After a successful login and consent the user will be redirected to the 'redirect_url'. If all goes well, you'll receive an HTTP 302 response. The authorization code is included at the end of the URL:
HTTP/1.1 302 Found Location: https://YOUR_APP/callback?code=AUTHORIZATION_CODE