//We redirect the user to the Authorization Server to authorize access
$authorization_url = 'https://access.active911.com/interface/open_api/authorize_agency.php';
//Set the GET parameters and then redirect the user to the authorization url
$query_array = array(
'client_id' => '<Your client_id>',
'response_type' => 'code',
'redirection_uri' => '<Your redirection_uri>',
'scope' => '<Scope you want to access>'
);
header('Location: ' . $authorization_url . '?' . http_build_query($query_array));
Authorization Code Exchange for Access Token and Refresh Token
//We have been redirected back here after being authorized by the Authorization Server
//Now we need to exchange our authorization code for an access token and refresh token
$token_url = 'https://access.active911.com/interface/open_api/token.php';
//Note that we send the secret to authenticate our request. We did not send the secret to generate an authorization code because then the user would be able to see it.
//We must send the secret from a server or protected native app, where it cannot be grabbed by the user.
$post_array = array(
'client_id' => '<Your client_id>',
'client_secret' => '<Your client_secret>',
'grant_type' => 'authorization_code',
'scope' => '<Scope you want to access>',
'code' => $_GET['code']
);
//Now we have the authorization code. We send a request to the token endpoint
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $token_url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($post_array));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_VERBOSE, true);
$output = curl_exec($ch);
$response_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close ($ch);
$json = json_decode($output);
//Check if we got a OK response
if($response_code != 200){
//There was an error. Show to the user if JSON error was sent
if(empty($json->error_description)){
die("Error: Could not generate token");
}
else{
die("Error: " . $json->error_description);
}
}
$access_token = $json->access_token;
$refresh_token = $json->refresh_token;
$expiration = time() + $json->expires_in;
Use Refresh Token to get a new Access Token
//Our access token expired. Request a new one using the refresh token.
$token_url = 'https://access.active911.com/interface/open_api/token.php';
//Note that we send the secret again to authenticate our request.
$post_array = array(
'client_id' => '<Your client_id>',
'client_secret' => '<Your client_secret>',
'grant_type' => 'refresh_token',
'scope' => '<Scope you want to access>',
'refresh_token' => '<Your previously generated refresh token>'
);
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $token_url);
curl_setopt($ch, CURLOPT_POST, 1);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($post_array));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_VERBOSE, true);
$output = curl_exec($ch);
$response_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close ($ch);
$json = json_decode($output);
//Check if we got a OK response
if($response_code != 200){
//There was an error. Show to the user if JSON error was sent
if(empty($json->error_description)){
die("Error: Could not generate token");
}
else{
die("Error: " . $json->error_description);
}
}
//Set the access token and expiration in the cookies
$access_token = $json->access_token;
$expiration = time() + $json->expires_in;
JavaScript
jQuery AJAX to the API using previously generated access_token