Whisk Docs
Whisk HomeHelp CenterDeveloper Tools
v2.0.0
v2.0.0
  • The Whisk Platform
  • Whisk API Overview
    • Introduction
    • Integration
    • Authentication
      • Server Token
      • User Access Token
        • Auth Flow Example
      • Client Token
      • Anonymous Access from Client Apps
    • Whisk Sandbox
    • Getting Started
  • Whisk API Reference 2.0
    • Provisioning
      • Get provisioning
    • Autocomplete
    • Community
      • Get your Communities
      • Get Communities from a Topic
      • Discover Recommended Communities
      • Search Communities
      • Get a Community
      • Get Recipes from a Community
      • Add Recipes to a Community
      • Remove a Recipe from a Community
      • Join a Community
      • Leave a Community
    • Posts and Reviews
      • Get reviews for a recipe
      • Create or edit review
      • Create a Post
      • Get Post by id
      • Delete a Post
      • Edit a Post
      • Report a Post
      • Create a Post Reply
      • Get Post Replies
      • Delete a Post reply
      • Report a Post reply
      • Like a Post or Reply
      • Users who liked a Post or Reply
    • Public profiles
      • Hide recipe in Public profile
      • Get Recipes for Public Profile
      • Get User's public profile by user_id
      • Get User's public profile by username
    • Custom Label
    • Feed
      • Obtain a Recipe Feed
    • Food DB
      • Autocomplete
      • Search
      • Get Food
    • Food List
    • Food Log
    • Foodpairing
    • Healthy meal recommendations
      • Healthy recipe only recommendations for DA
      • Recipe recommendations for SH
      • Tailored Plan API request for Samsung TV
    • Meal Plan
      • Generate a Meal Plan
      • Meal Object
        • Get Meals
        • Delete Meal
        • Add a Meal
      • Meal Plan Settings Object
        • Get Meal Plan Settings
        • Update Meal Plan Settings
      • Meal Plan Batch
    • Recipe
      • Get a Recipe
      • Search a Recipe
      • User Recipes & Collections
        • Add User Recipe
        • Create A Recipe
        • Update External Recipe
        • Get All User Recipes
        • Update User Recipe
        • Remove Recipe from Favorites
        • Create Collection
        • Get All User Collections
        • Get Collection
        • Get Recipes from a Collection
        • Remove Collection
        • Get Smart Collection
        • Get Recipes from a Smart Collection
    • Shopping List
      • Get your Shopping Lists
      • Get a Shopping List
      • Create a Shopping List
      • Delete a Shopping List
      • Update basic details of a Shopping List
      • Move Items between Shopping Lists
      • Add Items to a Shopping List
      • Delete an Item from a Shopping List
      • Update an Item in a Shopping List
      • Clear Items from a Shopping List
    • Media
    • Store Item
    • Unit Conversion
    • Users
      • Get a User
      • Update User Settings using Patch
      • Update User Settings using Post
    • Try it out!
  • Shopping List SDK
    • Overview
    • Examples
      • Shoppable Recipes
      • Shoppable Products
      • Shoppable Media
    • Basic Setup
      • Basic Setup
      • Methods
      • Event Listeners
      • Widget
      • Subscriptions
      • Global Configuration
      • UTM Parameters
      • Using With SPA
  • Shopping List Mobile API
    • Overview
    • Examples
    • Reference
  • API Resources
    • Authentication Scopes
    • Errors and Troubleshooting
    • Cursor Pagination
    • Limits
    • Nutrients
    • Recipe Labels
    • Filtering Recipes using Custom Labels
    • Health Score, Glycemic Index, Glycemic Load
    • Whisk User Data
    • Integrated Retailers
    • Optimizing Image Load
    • Meal Plan
Powered by GitBook
On this page
  • Authenticating
  • Verification
  • Refreshing

Was this helpful?

  1. Whisk API Overview
  2. Authentication
  3. User Access Token

Auth Flow Example

Learn about the Whisk authentication flow.

PreviousUser Access TokenNextClient Token

Last updated 4 years ago

Was this helpful?

Authenticating

The process begins with a user attempting to access a feature that requires authentication. This could be from their recipe collection, meal plans, or when they visit a site that has integrated the Whisk APIs.

The above example walks through the authentication process of connecting Whisk to a Slack Bot. The user is passed off to the Whisk registration page to create a new account or log in with existing credentials. The following API request will redirect the user and define where to redirect the user after being authenticated.

`https://login.whisk.com/oauth/v2/authorize?` +
`scope=${REQUESTED_SCOPES}` +
`&client_id=${process.env.WHISK_CLIENT_ID}` +
`&response_type=code` +
`&redirect_uri=${REDIRECT_URI}` +
`&state=${state}`

Verification

Once the user has registered or logged in, Whisk will redirect them back to where they came from based on supplied theredirect_uri.

After the authentication redirection, you will need to handle the verification state and get the Whisk user token.

`https://login.whisk.com/oauth/v2/token` +
`?client_id=${WHISK_CLIENT_ID}` +
`&grant_type=authorization_code` +
`&code=${req.query.code}` +
`&client_secret=${WHISK_SECRET}`;

Refreshing

Now, when a user needs to access an API that requires authorization, you can use the saved token or retrieved a new one when that one expires. This is what that flow would potentially look like:

In this example, you would call the following code to refresh the Whisk auth token.

`https://login.whisk.com/oauth/v2/token` +
`?client_id=${WHISK_CLIENT_ID}` +
`&grant_type=refresh_token` +
`&refresh_token=${user.refresh}` +
`&client_secret=${WHISK_SECRET}`

Once you have the user's token, you'll want to save it in your app. You can learn more about accessing this token in the of the docs.

Now you can retrieve the new token from Whisk and update it where you stored it previously in your app. This is done by calling the .

user access token section
Refresh Token API