The example code in the moneybird API for oauth doesn’t give a clear picture of what has to be performed to get the access token.

consumer_key = “xxxxx”
consumer_secret = “xxxx”
# This is the subdomain of the account you want to communicate with
subdomain = “xxxxxx”
Step 1
# Request a request token
request_token_uri = “https://#{subdomain}”

You need to pass the following values

oauth_consumer_key, oauth_signature_method=”PLAINTEXT”, oauth_timestamp, oauth_nonce, oauth_callback, oauth_signature. Even though the recommended signature method is HMAC-SHA1, Plaintext works without issues

You will receive a request_token and request_secret from the above request

Step 2

authorize_uri = “https://#{subdomain}”

redirect user to authorize_uri and you will receive a oauth_verifier

Step 3

To get the access token

access_token_uri = “https://#{subdomain}”
You need to pass the following values
oauth_consumer_key, oauth_token, oauth_signature_method=”PLAINTEXT”, oauth_timestamp, oauth_nonce, oauth_verifier, oauth_signature

You will receive a token and token secret. Store it in DB for later use.

Related Posts