Create your first app

A step-by-step process to setup your first app

Step 1: API token

Make sure you have the relevant API token.

Partners or directory owners can use their directory tokens.


We currently do not support business tokens for app creation

If you don't know what your directory is, please reach out to your customer success rep. for further assistance.

Step 2. Create an app

Below is the barebone info needed for creating an app within inTandem platform:

curl --request POST \
     --url \
     --header 'Accept: application/json' \
     --header 'Authorization: Bearer {YOUR_TOKEN}' \
     --header 'Content-Type: application/json' \
     --data '
     "name": "My first app",
     "redirect_uri": "",
     "trusted": "true"



One of the more common tasks that applications perform is authentication flows with businesses.
The redirect_uri is the URL on your end that you want clients to be redirected to after the auth process is complete.
For additional info please refer to the OAuth2 guide.


  "data": {
    "app_code_name": "myfirstapp",
    "app_id": "123456789ab",
    "client_id": "e0faca0a2bca52368adfd0ac6035c7a596fbcdaa1390c7fa9af83f230f29",
    "client_secret": "4095d7bf3f7ec355be4ab32b7320bb4e4b3e1097ddae83cce05b479",
    "name": "My first app"
  "status": "OK"



You've created your first app within inTandem platform!

Step 3: Storing the client_id and client_secret

Store the app_code_name, client_id and client_secret on your DB for future use.
There will be no way of retrieving the client_id and client_secret later on.



The app_code_name is created based on the app name. In cases where an app with the same code name already exists a post-fix string will be added to the app_code_name.

Step 4: Generating API and OAuth tokens for your app

Now that you have the app ready, you can generate an API token for your app that will operate as your business token.
Instructions for generating an API token for apps can be found in this API reference.

The advantage of using the application's token, instead of your direct API token, is the security it offers. If you are working with 3rd party developers, you can share this token with them, and when necessary, you can revoke it if you suspect it is being abused.

In addition to creating API tokens, your app can interact with other businesses by receiving their permission to connect with your app, using the OAuth2 flow. Using the client_id and client_secret you received when created the app, you can complete an OAuth flow as described here.