Logging In the Authentication Server

Accela API authentication uses the OAuth 2.0 standard and offers multiple login flows to suit different app implementation scenarios.

The login flow generates an access token, which you can use to make API calls on behalf of a user. Accela client SDK handles access token generation, persistence, signing of API calls automatically. Server-side login flow can be used in cases where use of client side SDK is not appropriate or you want to develop an app in a language where SDK is not yet available.

To get started, first log in to Accela Developer Portal and create an agency or citizen app. Enter “Authorized Redirect URIs” to limit the redirect URIs. It will prevent the access token that is appended to the redirect URI from sending to other URIs. Once an app is created, note down the app ID and app secret values. Then you can use the authorization code flow and implicit flow defined by OAuth2 to get access tokens. After getting the access tokens, you can invoke APIs using the access tokens.