Make your first authenticated request to the DoorFlow API and get your account details.
Prerequisites
Before making your first API request, you'll need:
- A DoorFlow Developer account - Sign up here if you haven't already
- An OAuth application - Create one here
- An access token - Obtained by completing the OAuth authorization flow
Step 1: Get Your Access Token
To get an access token, you need to complete the OAuth authorization flow:
- Navigate to your OAuth application's details page in the Developer Portal
- Find the "OAuth Authorize URL" section
- Visit that URL to authorize your application
- After authorization, you'll be redirected with an authorization code
- Exchange the code for an access token:
curl -X POST "https://api.doorflow.com/oauth/token" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=authorization_code" \
-d "code=YOUR_AUTH_CODE" \
-d "client_id=YOUR_CLIENT_ID" \
-d "client_secret=YOUR_CLIENT_SECRET" \
-d "redirect_uri=YOUR_REDIRECT_URI"
The response will contain your access_token.
Alternatively, use the interactive demo feature on your application page which handles OAuth automatically.
Security Note: Never commit access tokens to version control or share them publicly. Treat them like passwords!
Step 2: Make Your First Request
Open your terminal and run this curl command, replacing YOUR_ACCESS_TOKEN with your actual token:
curl -X GET "https://api.doorflow.com/api/3/account" \
-H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
-H "Accept: application/json"
Understanding the Request
Let's break down what's happening:
-
Method:
GET- We're retrieving data, not creating or modifying anything -
URL:
https://api.doorflow.com/api/3/account- The account endpoint returns your account details -
Authorization header:
Bearer YOUR_ACCESS_TOKEN- This authenticates your request -
Accept header:
application/json- We want JSON responses (this is the default)
Step 3: Understanding the Response
If everything worked, you'll see a response like this:
{
"id": "acc_1234567890",
"name": "Acme Corporation",
"plan": "professional",
"created_at": "2024-01-15T10:30:00Z",
"timezone": "America/Los_Angeles"
}
Response Fields
- id: Your unique account identifier (you'll use this in webhook URLs)
- name: Your account/organization name
- plan: Your current subscription plan
- created_at: When your account was created
- timezone: Your account's default timezone
Common Issues
401 Unauthorized
{
"error": "invalid_token",
"error_description": "The access token is invalid"
}
Solution: Double-check that you copied your token correctly and that it hasn't expired.
403 Forbidden
{
"error": "insufficient_scope",
"error_description": "The token does not have the required scope"
}
Solution: Make sure your OAuth application has the required scope enabled and that the scope was approved.
Next Steps
Congratulations! You've made your first API request. Here's what to explore next:
Next Steps
Quickstart Guide
Get from zero to granting door access in 15 minutes with this complete workflow
Core Resources Reference
Quick reference for People, Credentials, Channels, Groups, and Roles
OAuth Authorization Flow
Complete OAuth 2.0 setup from testing to production in 15 minutes
Choosing the Right Scopes
Select the right OAuth scopes for your application
Try More Endpoints
Now that you know how to make authenticated requests, try these endpoints:
List Channels (Doors)
List People
Rate Limits: The API allows 120 requests per minute per access token.