REST Authentication for FormXtract
All of Quik!'s REST API's rely upon an OAuth2 Token authentication methodology. Each call to a Quik! resource will require a valid, unexpired OAuth2 Token that must be passed in the Authentication Header of the resource's request.
Header Key: Authorization
Header Value: Bearer {{Quik! OAuth Token}} (For example, "Bearer cSEKkmV3bGGpYjfGDlQ87DI37HtI5YYMg...")
You may be able to use a single token multiple times across different service depending on the duration of the token and whether it can be regenerated. In case a request to any of our APIs returns a 401 Unauthorized error, then it means that the Quik! OAuth token expired or is invalid, so a new one must be generated.
Note: Tokens expire after 1 hour.
How to Get a Quik! OAuth Token
In order to get a token, it's as simple as making the following POST request:
REST Authentication Server Endpoint - https://websvcs.quikforms.com/rest_authentication/token
Http Method - POST
Content-Type - application/x-www-form-urlencoded
Body - grant_type=password&username={{Quik! Username}}&password={{Quik! Password}}
As you can see above, a token request requires your Quik! username and password.
Note: Only a customer's Master Credentials are to be used when calling Quik! APIs (not end-user credentials)
Response Example
{
"access_token": "gfD4QVol1ZF8EDBEyZG...",
"token_type": "bearer",
"expires_in": 86399,
"refresh_token": "VbIW0Iip4jokW4..."
}
Note: The "access_token" property of the response (Json) is what needs to be placed in the Authorization Header of any Quik! API Request (as Bearer).
To refresh a token pass the Refresh Token that was generated when the original token was created. Not all services will allow for token refreshes.
Token Request or Refresh: https://websvcs.quikforms.com/rest_authentication/token