Documentación
superleads.mx

Oauth

Referencia de la API · ☕ 3 min de lectura
Actualizado el 19 Jun 2026

OAuth 2.0 v3

Documentación de la API de OAuth 2.0

API Versión v3

Todos los endpoints estan disponibles bajo el prefijo /v3, con respuestas que siguen el estandar AIP.

Servidor base: https://services.leadconnectorhq.com

Endpoints


POST /oauth/token

Obtener Access Token Use Access Tokens to access CRM resources on behalf of an authenticated location/company.

Parametros: - Versión (header, string) (requerido) — Versión de la API

Cuerpo de la peticion (application/x-www-form-urlencoded): - clientId (requerido) — string — The Id provided by CRM for your integration - clientSecret (requerido) — string — The client secret provided by CRM for your integration - grantType (requerido) — string — The OAuth2 grant type — authorization_code, refresh_token, or client_credentials - code — string — The authorization code received from the authorization endpoint (required for authorization_code grant) - refreshToken — string — The refresh token used to obtain a new access token (required for refresh_token grant) - userType — string — The type of token to be requested - redirectUri — string — The redirect URI for your application

Cuerpo de la peticion (application/json): - clientId (requerido) — string — The Id provided by CRM for your integration - clientSecret (requerido) — string — The client secret provided by CRM for your integration - grantType (requerido) — string — The OAuth2 grant type — authorization_code, refresh_token, or client_credentials - code — string — The authorization code received from the authorization endpoint (required for authorization_code grant) - refreshToken — string — The refresh token used to obtain a new access token (required for refresh_token grant) - userType — string — The type of token to be requested - redirectUri — string — The redirect URI for your application

Respuestas: - 200 — Respuesta exitosa - 400 — Peticion invalida - 401 — No autorizado - 422 — Entidad no procesable


POST /oauth/location-token

Obtener Location Access Token from Agency Token This API allows you to generate locationAccessToken from AgencyAccessToken

Scopes requeridos: oauth.write

Parametros: - Versión (header, string) (requerido) — Versión de la API

Cuerpo de la peticion (application/x-www-form-urlencoded): - companyId (requerido) — string — Company Id of location you want to request token for - locationId (requerido) — string — The location Id for which you want to obtain accessToken

Respuestas: - 200 — Respuesta exitosa - 400 — Peticion invalida - 401 — No autorizado - 422 — Entidad no procesable


GET /oauth/installed-locations

Obtener Location where app is installed This API allows you fetch location where app is installed upon

Scopes requeridos: oauth.readonly

Parametros: - pageSize (query, number) — Max items per page (1-100). Replaces legacy limit parameter per AIP-158. - pageToken (query, string) — Opaque token returned in a previous response to fetch the next page. Replaces legacy skip parameter per AIP-158. - query (query, string) — Parameter to search for the installed location by name - isInstalled (query, boolean) — Filters out location which are installed for specified app under the specified company - restrictToUserLocations (query, boolean) — When true, restricts the list to locations the current user has access to (for restricted agency admins and account admins). When false or omitted, no user-based filter is applied for installed list; for backward compatibility, install list (isInstalled=false) is still filtered by user when this param is omitted. - companyId (query, string) (requerido) — Parameter to search by the companyId - appId (query, string) (requerido) — Parameter to search by the appId - versionId (query, string) — VersionId of the app - onTrial (query, boolean) — Filters out locations which are installed for specified app in trial mode - planId (query, string) — Filters out location which are installed for specified app under the specified planId - locationId (query, string) — locationId - Versión (header, string) (requerido) — Versión de la API

Respuestas: - 200 — Respuesta exitosa - 400 — Invalid argument (AIP error envelope) - 401 — No autorizado - 404 — App not found (AIP error envelope) - 422 — Entidad no procesable