Authentication for a desktop / mobile application
This guide outlines the process for authenticating a user using a compiled application such as a desktop or mobile application.
Obtain an Application Secret
The Application Secret is used to sign authenticated requests to the API, and should never be revealed publicly. Your Secret will appear underneath your API Key in the Edit API Key screen. Read more...
Direct the user to API Permissions
Users must give permission for your application to access their account. To do this, you ask your user to visit a special Blipfoto URL, providing your API Key. Upon approval, they will be shown a 6-digit code, which your application should prompt for. Read more...
Obtain an Identity Token
After receiving this 6-digit temporary token from the user, your application can exchange it for an Identity Token. The Identity Token is used to identify the user and your application to the API. Read more...
Sign calls to authenticated resources
You now have all that is required to authenticate calls for your user. The Application Secret and Identity Token are used to create a signature that verifies the user to the API. Read more...