Moneybird API Oauth Issue – Token Request

March 8, 2014 | | Blog |

The example code in the moneybird API for oauth doesn’t give a clear picture of what has to be performed to get the access token.

consumer_key = “xxxxx”
consumer_secret = “xxxx”
# This is the subdomain of the account you want to communicate with
subdomain = “xxxxxx”
1) Step 1
# Request a request token
request_token_uri = “https://#{subdomain}.moneybird.nl/oauth/request_token”

You need to pass the following values

oauth_consumer_key, oauth_signature_method=”PLAINTEXT”, oauth_timestamp, oauth_nonce, oauth_callback, oauth_signature. Even though the recommended signature method is HMAC-SHA1, Plaintext works without issues

You will receive a request_token and request_secret from the above request

2)Step 2

authorize_uri = “https://#{subdomain}.moneybird.nl/oauth/authorize?oauth_token=request_token”

redirect user to authorize_uri and you will receive a oauth_verifier

3) Step 3

To get the access token

access_token_uri = “https://#{subdomain}.moneybird.nl/oauth/access_token”
You need to pass the following values
oauth_consumer_key, oauth_token, oauth_signature_method=”PLAINTEXT”, oauth_timestamp, oauth_nonce, oauth_verifier, oauth_signature

You will receive a token and token secret. Store it in DB for later use.