Skip to main content
Configuring API access

App development with API access

Updated over a week ago

App developer access is in a closed beta and only developers who receive an invite can join the beta. Join the waitlist here.

With apps that require API access, you can allow creators to install apps that can link together external platforms to work in harmony. We control authentication here and developers have to request access on behalf of a creator to us to approve.

Once you've created your app with API access required, click on the button "configure".

Configuring API Oauth Access

Fill out the form that pops up:

  • Authorization URL: The URL you'd like us to link to, so you can initiate the OAuth flow to the ConvertKit API from your system. We will link to this URL with the `redirect` query parameter which will tell you where to redirect the creator back to so they can continue their session within the Kit application. All URLs have to be secure—i.e. "https"

  • Redirect URIs: Add as many redirect URIs as required. All URLs have to be secure—i.e. "https"

  • Secure application: If the application you are creating is hosted in an environment where you are not able to ensure the authorization keys are hidden and secure (such as in a single page application”), uncheck the “Secure application” toggle.

NOTE: To better understand OAuth, we have details within the V4 API Docs, which links out to the OAuth public docs. Another great resource for this is Okta’s playground which allows you do see the flows in action. All implementation of OAuth has been carried out against the public OAuth 2.0 RFC, so follows the structure and usage found here.

Once you're done filling the form, hit "Continue".

It will configure the OAuth application and we will then return the UID and Secret, which need to be used with ongoing authentication:

NOTE: When completing the authorization flow for API access, using the credentials above, the developers will need to redirect back to the URL included in the `redirect` query param to ensure the creator can continue their session within the Kit application.

Editing the API access

Clicking on the settings button opens out the modal allowing editing.

The edit modal will...

  • Show your UID and secret again

  • Allow you to add or remove Redirect URIs

  • Update your Authorisation URL

  • Toggle the secure application setting on or off.

Pressing save here will automatically update your application for all users. Please be careful of making changes.

Did this answer your question?