Authentication
The way of being super sneaky and secure
OAuth Authentication
Billit uses OAuth 2.0 as the standard authentication method to ensure security, scalability, and user control.
Why OAuth?
- Stronger security than API keys
- Users explicitly grant and revoke access by logging in
- Users can disconnect integrations at any time
Getting Started
- Review the Getting Started with OAuth guide.
- Contact Billit Support to request OAuth credentials.
- You will receive a Client ID and Client Secret for sandbox testing.
 
- Once your integration is ready for production, submit it for approval.
- After approval, production credentials will be issued.
 
sequenceDiagram
    participant Developer
    participant Billit

    Developer->>Billit: send mail to [email protected] to request Client ID and Secret for AppName and Redirect URL on Sandbox.
    Billit->>Developer: confirms with Client ID & Secret for Sandbox
OAuth 2.0 Flow
sequenceDiagram
    participant User
    participant App
    participant BillitAuth as Billit Auth Server
    participant Backend
    User->>App: Click "Login with Billit"
    App->>BillitAuth: Redirect (client_id, redirect_uri, scopes)
    BillitAuth->>User: Login & consent screen
    User->>BillitAuth: Credentials + consent
    BillitAuth->>App: Redirect with auth_code → redirect_uri
    App->>Backend: Send auth_code
    Backend->>BillitAuth: Exchange code for tokens (client_id, secret)
    BillitAuth->>Backend: Access_token + refresh_token
    Backend->>App: Session established
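The redirect, callback and code-exchange steps of the flow above, as an added Python example that is not Billit's own code: it binds a one-time `state` value to the user's session before the redirect and rejects any callback that does not return it, so an auth_code started elsewhere cannot be attached to this session. The endpoint URLs, client ID, redirect URI, the `state` parameter and sending the client credentials in the form body are assumptions taken from standard OAuth 2.0 (RFC 6749), not values from this page.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlparse

# Placeholders (assumptions): this page does not list Billit's endpoints or real credentials.
AUTHORIZE_URL = "https://auth.example.invalid/authorize"
TOKEN_URL = "https://auth.example.invalid/token"
CLIENT_ID = "sandbox-client-id"  # constructed sample value
REDIRECT_URI = "https://app.example.invalid/callback"  # must equal the registered Redirect URL


def build_authorize_redirect(session: dict, scopes: list) -> str:
    """App->>BillitAuth: build the redirect and store a one-time state in the session."""
    state = secrets.token_urlsafe(32)
    session["oauth_state"] = state
    params = {"response_type": "code", "client_id": CLIENT_ID,
              "redirect_uri": REDIRECT_URI, "scope": " ".join(scopes), "state": state}
    return f"{AUTHORIZE_URL}?{urlencode(params)}"


def handle_callback(session: dict, callback_url: str) -> str:
    """BillitAuth->>App: return the auth_code only if state matches this session."""
    query = parse_qs(urlparse(callback_url).query)
    expected = session.pop("oauth_state", None)  # single use: a replayed callback fails
    received = query.get("state", [""])[0]
    if expected is None or not hmac.compare_digest(expected.encode(), received.encode()):
        raise ValueError("state mismatch: callback was not started by this session")
    if "error" in query:
        raise ValueError(f"authorization failed: {query['error'][0]}")
    codes = query.get("code", [])
    if len(codes) != 1:
        raise ValueError("expected exactly one code parameter")
    return codes[0]


def build_token_request(auth_code: str, client_secret: str) -> tuple:
    """Backend->>BillitAuth: form body for the code exchange; the secret stays server-side."""
    return TOKEN_URL, {"grant_type": "authorization_code", "code": auth_code,
                       "redirect_uri": REDIRECT_URI, "client_id": CLIENT_ID,
                       "client_secret": client_secret}
```

The backend would POST the returned form body to the token endpoint over TLS and keep the resulting tokens server-side, handing the App only a session.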
Updated about 1 month ago