ButterflyMX utilizes the OAuth 2 protocol to facilitate authorization. OAuth is an authorization framework that enables a third-party application to obtain access to protected resources (Buildings, Tenants, Door Release Events, etc.) in the ButterflyMX API. The following guide will walk through ButterflyMX’s implementation of OAuth and how it will be leveraged by your application.

Redirect a user to the authentication page

Exchange a code to access_token

curl --location --request POST '' \
--form 'grant_type=authorization_code' \
--form 'code=HERE' \
--form 'client_id=HERE' \
--form 'client_secret=HERE' \
--form 'redirect_uri=urn:ietf:wg:oauth:2.0:oob'

Refresh access_token using refresh_token

curl --location --request POST '' \
--form 'grant_type=refresh_token' \
--form 'client_id=HERE' \
--form 'refresh_token=HERE'