Skip to main content

Setup and Authorization

FreJun supports the OAuth 2.0 standard for authorizing third-party applications.

To get started:

  1. Visit https://product.frejun.com and log in.
  2. Navigate to the Settings section.
  3. Go to the Developer tab.
  4. Click on your existing OAuth app, or select Create App to register a new one.

Once your app is created, you’ll be redirected to a page displaying your Client ID and Client Secret.

Use these credentials to:

  • Generate access and refresh tokens for authenticating with FreJun APIs.
  • Subscribe to FreJun webhooks.

Requirements

  1. An active Frejun account.
  2. The following details are required while creating the app.
ParameterDescription
NameName of your App
Redirect/Callback URIUsers will be redirected to this URL after granting access to your app

Connecting your application with FreJun

  1. Build the Authorization URL with your application's client_id and redirect the user there. It should look like this:
    https://product.frejun.com/oauth/authorize/?client_id=<client_id>
info

You can append extra query parameters to the authorization URL. These parameters will be preserved and passed back as-is to the specified redirect_uri, for example:

https://product.frejun.com/oauth/authorize/?client_id=<client_id>&redirect_uri=<your_new_redirect_uri>&state=<your_custom_state>&username=<some_username>

After successful authentication, the user will be redirected to:

<redirect_url>?code=<oauth_code>&email=<user_email>&state=<your_custom_state>&username=<some_username>

  1. Once the user reaches the Authorization page, they will be prompted to log in to FreJun (if not logged in already) and will be redirected to a consent page where they can Accept or Decline.
  2. On Accepting, the user will be redirected to the redirect URL provided while creating the app with code and email of the user attached as a query param: <redirect_url>?code=<authorization_code>&email=<user_email>
tip

Instead of always relying on the fixed redirect URI configured at the time of app creation, you can make it dynamic by passing it as a query parameter in the authorization URL, for example:

https://product.frejun.com/oauth/authorize/?client_id=<client_id>&redirect_uri=<your_new_redirect_uri>

  1. On Declining, the user will be redirected to the redirect URL provided while creating the app with code attached as an empty string: <redirect_url>?code=
  2. The code obtained can be used to create Access & Refresh tokens by invoking the create token endpoint.
info

The authorization code is only valid for 10 minutes.

We also post a message back to the opener of the consent window containing the code and any other parameters that are appended to the redirect_uri, so the opener can directly consume the data without relying only on the redirect flow.

Example (listening for it on the opener side):

window.addEventListener('message', (event) => {
if (event.origin !== 'https://product.frejun.com' || !event.data) return; // to make sure the message you are listening to is from the expected origin
let eventData = event.data;
if(eventData.eventName == "oauth-code") {
// Handle the oauth-code event
const { code, email, ...otherparams } = eventData.data;
}
});

In the above example:

code: The OAuth authorization code, which can be exchanged for access and refresh tokens.

email: The email address of the user who authorized the app via their Frejun account.

otherparams: Any additional parameters that were included in the original authorization URL.