Authentication
The way of being super sneaky and secure
OAuth Authentication
Billit uses OAuth 2.0 as the standard authentication method to ensure security, scalability, and user control.
- Mandatory for multi-user integrations: Any integration that serves multiple Billit users must use OAuth.
- Optional for single-user use: For personal or single-tenant use cases, OAuth is recommended but not required.
Why OAuth?
- Stronger security than API keys
- Users explicitly grant and revoke access by logging in
- Users can disconnect integrations at any time
Getting Started
- Review the Getting Started with OAuth guide.
- Contact Billit Support to request OAuth credentials.
- You will receive a Client ID and Client Secret for sandbox testing.
- Once your integration is ready for production, submit it for approval.
- After approval, production credentials will be issued.
sequenceDiagram
    participant Developer
    participant Billit
    Developer->>Billit: send mail to [email protected] to request Client ID and Secret for AppName and Redirect URL on Sandbox.
    Billit->>Developer: confirms with Client ID & Secret for Sandbox
OAuth 2.0 Flow
sequenceDiagram
    participant User
    participant App
    participant BillitAuth as Billit Auth Server
    participant Backend
    User->>App: Click "Login with Billit"
    App->>BillitAuth: Redirect (client_id, redirect_uri, scopes)
    BillitAuth->>User: Login & consent screen
    User->>BillitAuth: Credentials + consent
    BillitAuth->>App: Redirect with auth_code → redirect_uri
    App->>Backend: Send auth_code
    Backend->>BillitAuth: Exchange code for tokens (client_id, secret)
    BillitAuth->>Backend: Access_token + refresh_token
    Backend->>App: Session established
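The three backend-side steps of the flow above, as an added example (not Billit's own code). The endpoint URLs and scope names are placeholders because this page does not give them, and the `state` check and the token request fields follow the OAuth 2.0 specification (RFC 6749) on the assumption that Billit's server implements them as specified.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

# Placeholders (assumption): this page does not list Billit's endpoint URLs.
AUTHORIZE_URL = "https://auth.example.invalid/authorize"
TOKEN_URL = "https://auth.example.invalid/token"


def build_authorize_redirect(client_id, redirect_uri, scopes):
    """'App->>BillitAuth: Redirect'. Returns (url, state); store state in the user's session."""
    state = secrets.token_urlsafe(32)  # unguessable value tying the callback to this session
    query = urlencode({
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "scope": " ".join(scopes),
        "state": state,
    })
    return f"{AUTHORIZE_URL}?{query}", state


def parse_callback(callback_url, expected_state):
    """'Redirect with auth_code'. Returns the code or raises ValueError."""
    params = parse_qs(urlparse(callback_url).query)
    if "error" in params:
        raise ValueError(f"authorization failed: {params['error'][0]}")
    state = params.get("state", [""])[0]
    # Constant-time compare on bytes; a missing or different state means this
    # session did not start the login, so the code must not be exchanged.
    if not expected_state or not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch")
    codes = params.get("code", [])
    if len(codes) != 1:
        raise ValueError("expected exactly one authorization code")
    return codes[0]


def build_token_request(code, client_id, client_secret, redirect_uri):
    """'Backend->>BillitAuth: Exchange code'. Built on the backend so the secret never reaches the app."""
    return TOKEN_URL, {
        "grant_type": "authorization_code",
        "code": code,
        "client_id": client_id,
        "client_secret": client_secret,
        "redirect_uri": redirect_uri,  # must equal the value sent in the authorize redirect
    }
```

The returned URL and form fields would be sent as an HTTPS POST from the backend; the HTTP call itself is left out so the example runs offline.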