Developer FAQ

OAuth is an authentication protocol that allows users to approve application to act on their behalf without sharing their password. Learn more about OAuth from these resources:

• http://oauth.net/2/
• https://www.digitalocean.com/community/tutorials/an-introduction-to-oauth-2
• http://knpuniversity.com/screencast/oauth

You can create new applications on the ZinC Developer Site at https://developer.zubiecar.com/zinc.  Simply login with your using your Zubie user or create one and get started.    

Tokens expire after 24 hours.  The refresh token provided during the initial authentication flow can be exchanged for a new token.

On occasion a user’s access token may become invalid, and you will need to refresh the token or re-authorize that user. Gracefully handling these occurrences is imperative for a quality user experience.  API calls made with invalid tokens will fail with HTTP status code 401. If you get a 401 response and have a refresh token for that user, you can get a new set of tokens by POSTing URL-encoded form fields (specifying a grant_type of “refresh_token” and providing the client_id, client_secret, and refresh_token) to the API token URL.