fax:all:read
Grants read-only access to all fax-related operations, including viewing faxes, users, members, and numbers.
fax:all:edit
Grants full access to all fax-related operations, allowing editing and management of faxes, users, members, webhooks, and numbers.
fax:webhook:read
Allows read-only access to webhook configurations, enabling retrieval of webhook details.
fax:webhook:edit
Grants full access to manage and modify all webhook configurations.
fax:fax:read
Allows viewing and listing of all faxes, including access to outbox lists, fax files, and reports.
fax:fax:edit
Grants full permissions to manage and edit faxes, including operations on the outbox, files, and fax details.
fax:user:read
Allows viewing of the current user’s details (PAT owner).
fax:user:edit
Grants permission to update the current user’s details (PAT owner).
fax:member:read
Allows viewing of account and member details, including retrieving account and member-specific information.
fax:member:edit
Grants permission to update member details and manage account-related member information.
fax:numbers:read
Allows retrieval and listing of fax numbers.
fax:numbers:edit
Grants full permissions to manage and edit fax numbers, including all operations related to numbers.
client_id
- your client IDredirect_uri
- one of your registered redirect URIsresponse_type=code
scope=all
https://accounts.fax.plus/login?response_type=code&client_id=CLIENT_ID&redirect_uri=http://my.web.app&scope=all
On the redirected page, the user will be asked to log in and authorize the API. After the permission is granted, the user will be redirected to the given redirect URI with the authorization code as a code query parameter. For example, http://my.web.app?code=XXXXXX
The next step is to obtain an access token. The client must send a HTTP POST request to the base URL https://accounts.fax.plus/token with the following parameters:
Content-type: application/x-www-form-urlencoded
Authorization: Basic XXX
where XXX
is the base64 encoded string CLIENT_ID:CLIENT_SECRET
grant_type=authorization_code
client_id=YOUR_CLIENT_ID
code=AUTHORIZATION_CODE_FROM_PREVIOUS_STEP
redirect_uri=YOUR_REDIRECT_URL
Authorization
header is properly composed, and that the client ID is passed in the request body. Most libraries require additional flags to be set to enable this behavior.
If the request was successful, you will be granted an access token in JSON format.
This token should be passed as a Bearer Token inside the Authorization header with every request.
HTTP POST
request to the base URL https://accounts.fax.plus/token, passing the refresh token that you have received when obtaining the initial access token as a refresh_token
query parameter. Add the grant_type
parameter equal to the refresh_token
.
https://accounts.fax.plus/token?grant_type=refresh_token&refresh_token=REFRESH_TOKEN
Use the same Authorization header as the one you used for obtaining the access token.
In the response, you will receive the same JSON structure as the one returned when issuing the access token.
The refresh token will remain valid until the user requests a new access token, or revokes the permissions given to the client.