Authentication for Mobile and Desktop Applications

A mobile or desktop application needs to listen on a specific localhost port. The listening method is implementation specific and irrelevant for the purpose of the present discussion. For example, an application may listen on the port 7000.

• Register your application in Bitrix24.Market;
• Create a new application version in Bitrix24.Market specifying the URL like http://localhost:7000;
• Install the new version on a test instance of Bitrix24 Intranet by clicking Install on my Intranet in the version information page.
• Using the browser, request keys from a remote server from (alternatively, you could add a key request control to your app):

  https://intranet_name.bitrix24.com/oauth/authorize/?client_id=app_ID&response_type=code&redirect_uri=http%3A%2F%2Flocalhost%3A70005

• The server redirects the browser to the application supplied URL:

  http://localhost:7000/?code=authentication_request_code&domain=intranet_name.bitrix24.com
  
  Once the data has been acquired, no browser interaction is required.

• Next, the application has to send a HTTP request to:

  https://intranet_name.bitrix24.com/oauth/token/?client_id=app_ID&grant_type=authorization_code&client_secret=app_secret_key&redirect_uri=http%3A%2F%2Flocalhost%3A70005&code=authentication_request_code&scope=required_permission
  
  It is best to send the request without using the browser.

• The server will respond with a JSON string containing data required to send further requests to the server.

  {"access_token":"REST service access key","expires_in":3600,"scope":"user","refresh_token":"authentication renew key","domain":"intranet_name.bitrix24.com","member_id":"unique_intranet_ID"}

  Now your application can send requests to the REST service.