API Documentation

Authentication

The way of being super sneaky and secure

OAuth Authentication

Billit uses OAuth 2.0 as the standard authentication method to ensure security, scalability, and user control.

Why OAuth?

  • Stronger security than API keys
  • Users explicitly grant and revoke access by logging in
  • Users can disconnect integrations at any time

Getting Started

  1. Review the Getting Started with OAuth guide.
  2. Contact Billit Support to request OAuth credentials.
    • You will receive a Client ID and Client Secret for sandbox testing.
  3. Once your integration is ready for production, submit it for approval.
    • After approval, production credentials will be issued.



sequenceDiagram 
    participant Developer
    participant Billit
    
    Developer->>Billit: Send mail to [email protected] to request Client ID and Secret for AppName and Redirect URL on Sandbox.
    Billit->>Developer: Confirms with Client ID & Secret for Sandbox

OAuth 2.0 Flow


sequenceDiagram
    participant User
    participant App
    participant BillitAuth as Billit Auth Server
    participant Backend

    User->>App: Click "Login with Billit"
    App->>BillitAuth: Redirect (client_id, redirect_uri, scopes)
    BillitAuth->>User: Login & consent screen
    User->>BillitAuth: Credentials + consent
    BillitAuth->>App: Redirect with auth_code → redirect_uri
    App->>Backend: Send auth_code
    Backend->>BillitAuth: Exchange code for tokens (client_id, secret)
    BillitAuth->>Backend: Access_token + refresh_token
    Backend->>App: Session established



