If you are implementing server-to-server authentication with Daisycon, this guide will help you set up OAuth using a CLI (Command-Line Interface) flow. Follow the steps below to get started.
Getting Started
Before setting up OAuth via CLI, ensure you have:
- A developer account and app created within your account.
Important: When creating your app, request only the permissions your app needs. For example, if the app only fetches statistics, avoid requesting permissions to modify user or account information. The developer configuring the app must also have these permissions.
During app creation, we recommend registering the Daisycon CLI Authorized Redirect URL as the Authorized Redirect URI for your app.
CLI Authorized Redirect URL
https://login.daisycon.com/oauth/cli
Once configured, your app setup might look like this:
OAuth Flow: One-Time Setup for CLI
If you want to set up a connection via server to server communication, cron jobs or other background tasks, you only need to go through the OAuth flow once to obtain the refresh token. Store this token securely so you can use it later in HTTP requests without requiring user interaction again.
OAuth Flow: Out-of-the-Box Solutions
Daisycon provides two ready-to-use solutions for OAuth over CLI:
Refer to the README.md
file in each repository for instructions. Below, we explain how to use the PHP example.
Using the PHP Example
Run the PHP script with your desired arguments. Use --help
to view all options. We recommend providing the following arguments:
- clientId: Your application’s Client ID
- clientSecret: Your application’s Client Secret
- outputFile: The file where tokens will be stored
Example command:
php PHP/cli-client.php --clientId="YOUR_CLIENT_ID" --clientSecret="YOUR_CLIENT_SECRET" --outputFile="daisycon-api-tokens.json"
After running the command, the script will prompt you to open a URL in your browser, complete the login process, and paste the response code back into the terminal. It will look like this:
Once you paste the code, the script will exchange it for an access token and a refresh token. If you specified an output file, the tokens will be saved there; otherwise, they will be displayed on the screen.
These tokens can be used for automating API calls. As long as you refresh the tokens within 30 days and do not revoke them, no further user interaction is required.
Automating API Requests After Setup
Once you have obtained the first access token, you do not need to log in again. Use the refresh token to generate new access tokens automatically.
Refer to the OAuth authentication guide for details on refreshing tokens and keeping your integration active.
Troubleshooting oAuth over CLI
If you encounter authentication issues, check the following:
-
"Authorization grant is invalid, expired, or revoked"
- Ensure theredirect_uri
matches what was used during authorization.
- The authorizationcode
is one-time use—request a new one if already used.
- Exchange the authorization code immediately after obtaining it. -
"Invalid Client ID or Secret"
- Verify thatclient_id
andclient_secret
match those registered for your app. -
"Token Expired"
- Use the refresh token before it expires (within 30 days).
- If expired, restart the flow to obtain a new authorization code.
Conclusion
Using Daisycon’s OAuth over CLI allows for secure and flexible server-to-server communication. Once set up, tokens can be refreshed automatically without further user interaction, making it ideal for automated and background tasks.