How to grant access to an Organisation via the ApprovalMax Public API

How to grant access to an Organisation via the ApprovalMax Public API

This is how you grant access to an Organisation via the ApprovalMax API:

1. Initiate a user authorisation: generate an URL with the necessary parameters to direct the Account Owner / Account Manager / Organisation Administrator to the ApprovalMax Public API Consent page.

2. Grant access via the Consent page: here, the Account Owner / Account Manager / Administrator (2FA is required for Administrators) can select the Organisations to which they want to grant access for an application.

3. Redirect with an authorisation code: redirect the Account Owner / Manager / Administrator back to the application with an authorisation code. 

4. Request an access token: exchange the authorisation code for an access token via the token endpoint.

5. Receive an access token: the token endpoint verifies all request parameters and generates the access token in its response.


With the OAuth flow successfully completed, the access token enables you to make API calls on behalf of the Account Owner / Manager / Administrator and perform actions specific to those Organisations. You can determine to which connected Organisations access has been authorised within in your app.

    • Related Articles

    • How to grant access to an Organisation via the Consent page

      When the Account Owner, Account Manager or Organisation Administrator* initiates the authorisation process, they are redirected to a Consent page. Here, they can manually select the Organisation(s) they wish to grant access to. If the list of ...
    • Prerequisites for using the Public API

      Before proceeding with the authorisation process for the ApprovalMax Public API feature, there are certain prerequisites that need to be met. These include: 1. Granting access to the Developer Portal: in order to access the Developer Portal and ...
    • The list of endpoints available in Public API

      To make calls against the APIs, please refer to the endpoints below or to the swagger : Endpoints Description GET /ping This endpoint is used for checks the overall availability and responsiveness of the ApprovalMax Public API. When a GET request is ...
    • What does the ApprovalMax Public API do?

      The ApprovalMax API enables other systems to retrieve data from ApprovalMax and display it in their own systems without any manual action by a person. This seamless integration facilitates the automation of data transfers by pulling the relevant ...
    • How to verify authorised Organisations with access permissions

      To determine which Organisations the Account Owner has authorised, you can make a call to the /companies endpoint using the received token. In response, you will receive a list of Organisations UUIDs to which access has been granted. To retrieve ...