API Authentication

REST Authentication for FormXtract

All of Quik!'s REST API's rely upon an OAuth2 Token authentication methodology. Each call to a Quik! resource will require a valid, unexpired OAuth2 Token that must be passed in the Authentication Header of the resource's request.

Header Key: Authorization

Header Value: Bearer {{Quik! OAuth Token}}  (For example, "Bearer cSEKkmV3bGGpYjfGDlQ87DI37HtI5YYMg...")



You may be able to use a single token multiple times across different service depending on the duration of the token and whether it can be regenerated. In case a request to any of our APIs returns a 401 Unauthorized error, then it means that the Quik! OAuth token expired or is invalid, so a new one must be generated.

Note: Tokens expire after 30 minutes.

How to Get a Quik! OAuth Token

In order to get a token, it's as simple as making the following POST request:

REST Authentication Server Endpoint - https://websvcs.quikforms.com/rest_authentication/token

Http Method - POST

Content-Type - application/x-www-form-urlencoded

Body - grant_type=password&username={{Quik! Username}}&password={{Quik! Password}}



As you can see above, a token request requires your Quik! username and password.

Note: Only a customer's Master Credentials are to be used when calling Quik! APIs (not end-user credentials)



Response Example

{ "access_token": "gfD4QVol1ZF8EDBEyZG...", "token_type": "bearer", "expires_in": 86399, "refresh_token": "VbIW0Iip4jokW4..." }



Note: The "access_token" property of the response (Json) is what needs to be placed in the Authorization Header of any Quik! API Request (as Bearer).



To refresh a token pass the Refresh Token that was generated when the original token was created. Not all services will allow for token refreshes.

Related pages

For help regarding Quik! Forms and the Quik! API
Email: support@quikforms.com | Phone: (877) 456-QUIK