Authorization

Description

The Authorization section facilitates the OAuth 2.0 flow, enabling third-party applications to request access to a user's COUNT account. This process ensures that users can securely authenticate, consent to data sharing, and allow external applications to act on their behalf.

🔁 Authorization Flow Overview:

1. Your frontend makes a GET request to /authorize-initiate → receives a COUNT authorization URL
2. Your frontend redirects the user to the returned URL → user logs in and grants permissions
3. COUNT redirects back to your redirect URI with a code
4. Your backend exchanges the code for an access token

The flow consists of two main parts:

1. Initiate Authorization: The client application requests an authorization URL from COUNT, which the user is redirected to for login and consent.
2. Token Exchange: Once the user grants permissions, the application exchanges the authorization code for an access token, which allows secure API interactions on the user's behalf.

Purpose

The Authorization flow allows your application to integrate with COUNT by:

• Initiating the process: Calling /auth2/authorize-initiate from your client application to generate the login redirect URL.
• Exchanging the authorization code: After user consent, the application exchanges the authorization code received in the redirect for an access token using the /partners/grant-access-token endpoint.

This OAuth 2.0 process ensures secure, token-based access, allowing the application to perform actions (such as posting transactions or retrieving account data) on behalf of users without compromising their credentials.