Our platform consists of a set of RESTful APIs that allow you to quickly and easily integrate 7Geese with your applications.

Registering a new Application With 7Geese

Before you get started, you'll have to register a new application. To register a new application, go to https://app.7geese.com/account/applications/.

You will need the following information:

  1. Name: The name of your application
  2. Authorization Grant Type: The method you want to allow to obtain an access token (https://tools.ietf.org/html/rfc6749#section-1.3)
  3. Redirect URIs: Where 7Geese will redirect to after the authentication flow is complete. You may have multiple URIs separated by spaces.

Implement OAuth2 Workflow and Obtain Access Token

You can use the OAuth 2 flow to obtain an access token for secure access to the 7Geese API. The OAuth 2 flow consists of the user authenticating with their 7Geese credentials. Next, the user authorizes your app to connect to their 7Geese account. The end result is a token your app can use to interact with the 7Geese on behalf of the user. This is how you would obtain an access token for an application with a grant type of "Authorization code".

Obtaining an access token using the "Authorization code" grant type

  1. Obtain a grant code:

Obtain a code that you can exchange for an access token:

GET https://app.7geese.com/o/authorize/?client_id={clientid}&response_type=code&scope={list_of_scopes}&redirect_uri={redirect uri}&state={state string}

Example:

GET https://app.7geese.com/o/authorize/?client_id=0Dn3qHXnFcqrXNqEGNo8O3TlJRjAqivGe4USfnEt&response_type=code&scope=all&redirect_uri=http%3A%2F%2Fwww.example.org%2Foauth2%2Fcallback%2F&state=my_state

If the user has authorized your grant request, 7Geese will redirect the request to the redirect_uri with a code GET parameter:

GET http://example.org/oauth2/callback/?code=12Dsdc32&state=my_state

If the user has denied your grant request, 7Geese will redirect the request to the redirect_uri with a error GET parameter:

GET http://example.org/oauth2/callback/?error=access_denied

2. Obtain your access token

You can use your code to obtain an access token that you can use to make requests to the 7Geese API:

POST https://app.7geese.com/o/token/?grant_type=authorization_code&client_id={client_id}&code={code}&redirect_uri={redirect_uri}&state={state_string}

Example:

curl https://app.7geese.com/o/token/ -v --data "code=qAsBimvQAoUYTDoWQBewTAYsecj5YX&client_id=0Dn3qHXnFcqrXNqEGNo8O3TlJRjAqivGe4USfnEt&grant_type=authorization_code&state=my_state&redirect_uri=http%3A%2F%2Fwww.example.org%2Foauth2%2Fcallback%2F" -X POST

You should get a response similar to this:

{"access_token": "EFc75gT6x9O6khQJUviz15fiYGXxVG", "expires_in": 36000, "token_type": "Bearer", "state": "my_state", "scope": "all", "refresh_token": "CYiGLkPFqWhtRbfLemRB1J8HsXvrka"}

Obtain an Access Token using your email and password

If you create an application with a grant type of "Resource owner password-based", you can also skip the entire workflow and obtain an access token using your email and password:

curl -X POST -d "grant_type=password&username={email}&password={password}&scope={scope}" https://{client_id}:{client_secret}@app.7geese.com/o/token/

Example:

curl -X POST -d "grant_type=password&username=numan@7geese.com&password=1234password&scope=all" https://bnt5h2lnrn14bEtQmZkixSHW5035cefiXZq5azSi:xSCBVtKHYa0VEkt4KX5tKRCqeM@app.7geese.com/o/token/ 

You should get a response similar to this:

{"access_token": "g6Oud5ujc3kAZTzkwfqxpm9DSiV9gi", "token_type": "Bearer", "expires_in": 36000, "refresh_token": "Iw6OYoESmeB47BB8tkW9kT3vQY9EB6", "scope": "all"} 

Scopes

The API supports a variety of scopes which you can choose from based on your applications needs.

all: Allows access to all API resources

userprofile: Access to user profile information

network: Access to network information and settings

department: Access to departments

recognition: Access to the Recognition feature

oneonone: Access to the 1-on-1s feature

feedback: Access to the feedback feature

privatenote: Access to private notes about other users that a user has written

objective: Access to the Objectives feature

review: Access to the Reviews feature

When using any of the scopes besides all, you must add a :read or :write suffix to the name above. For example, read-only access to user profile data would require the scope userprofile:read, while read/write access would require the scope userprofile:read userprofile:write. You can combine as many scopes together as you need in the scope parameter of your OAuth request. When a user is authorizing your application, 7Geese will tell them what kind of information access your application is requesting.

Requesting API Resources

Once you got an access token by either of the above methods, you can request API endpoints that require authorization by sending a header like this:

Authorization: Bearer {access_token}

Example:

curl -H "Authorization: Bearer g6Oud5ujc3kAZTzkwfqxpm9DSiV9gi" https://app.7geese.com/api/v/2.0/objectives/

API Endpoints

Our new GraphQL API is documented in the next section.

A live overview of older API endpoints can be viewed at: https://app.7geese.com/api-docs/

Did this answer your question?