OAuth 2.0 for REST API
OAuth 2.0 Client Credentials
Used by the REST API v1 for machine-to-machine access (integrations, dashboards, server-side apps).
1. Create an OAuth app
- Where: API Apps (logged-in trainer/admin).
- Result: `client_id` and `client_secret` (secret only at creation).
2. Get an access token
```
POST /api/oauth/token
Content-Type: application/x-www-form-urlencoded

grant_type=client_credentials&client_id=CLIENT_ID&client_secret=CLIENT_SECRET
```
Response: `access_token`, `expires_in` (seconds), `scope`.
3. Call the API
```
Authorization: Bearer ACCESS_TOKEN
```
Scopes
- `read` — List and get resources.
- `write` — Create, update, archive (where supported).
Rate limits
Per OAuth app, by subscription: see Rate Limits.
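
A client for steps 2 and 3 above, as an added example that is not part of the original documentation: it requests a token, reuses it until shortly before `expires_in` elapses, and checks the granted scope before building the `Authorization` header. It assumes the token response is JSON and that `scope` is a space-delimited string as in RFC 6749; `TokenCache`, its parameters and the base URL passed to it are hypothetical names.

```python
import json
import time
import urllib.parse
import urllib.request

TOKEN_PATH = "/api/oauth/token"  # endpoint from step 2


def build_token_request(base_url, client_id, client_secret):
    """Build the form-encoded POST from step 2."""
    if not base_url.startswith("https://"):
        raise ValueError("refusing to send client_secret over non-HTTPS URL")
    body = urllib.parse.urlencode({  # urlencode escapes '&', '=' in secrets
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
    }).encode()
    return urllib.request.Request(
        base_url.rstrip("/") + TOKEN_PATH, data=body, method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded"})


def http_send(req):
    """Default transport. Assumption: the token response body is JSON."""
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


class TokenCache:
    """Hypothetical helper: reuse a token until shortly before it expires."""

    def __init__(self, base_url, client_id, client_secret,
                 send=http_send, clock=time.monotonic, skew=30):
        self._args = (base_url, client_id, client_secret)
        self._send, self._clock, self._skew = send, clock, skew
        self._token, self._scopes, self._expires_at = None, set(), 0.0

    def auth_header(self, required_scope=None):
        """Return the step 3 header, fetching a new token when needed."""
        if self._token is None or self._clock() >= self._expires_at:
            data = self._send(build_token_request(*self._args))
            self._token = data["access_token"]
            # Assumption: scope is a space-delimited string (RFC 6749).
            self._scopes = set(data.get("scope", "").split())
            self._expires_at = self._clock() + max(0, data["expires_in"] - self._skew)
        if required_scope and required_scope not in self._scopes:
            raise PermissionError(f"token lacks scope {required_scope!r}")
        return {"Authorization": f"Bearer {self._token}"}
```

Because the secret is available only at creation, load `client_secret` from a secret store or environment variable rather than committing it to source.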