Oauth 2.0
OAuth 2.0 Authentication
Connecteam supports OAuth 2.0 Client Credentials flow for secure, server-to-server API access. Your application authenticates using credentials, receives a short-lived token, and uses that token to call APIs.
When to Use OAuth 2.0
Use OAuth 2.0 if you need:
- Scoped access to specific Connecteam features
- Short-lived tokens (better security than static API keys)
- Server-to-server integrations without user interaction
Step 1: Create an OAuth App
Navigate to: Your Name → Integration Center → OAuth 2.0
- Click Create app
- Enter a Display Name (e.g., "Internal Dashboards")
- Select Scopes (permissions) for your app
ImportantScopes cannot be edited after app creation. Request only the minimum scopes required.
- Click Save app
Step 2: Save Your Credentials
After saving, Connecteam generates:
- Client ID
- Client Secret
WarningThe Client Secret is shown only once. Copy and store it securely before continuing.
Step 3: Get an Access Token
Exchange your credentials for an access token.
Endpoint: POST https://api.connecteam.com/oauth/v1/token
Authentication: HTTP Basic (Client ID as username, Client Secret as password)
curl --request POST \
--url https://api.connecteam.com/oauth/v1/token \
--header 'Content-Type: application/x-www-form-urlencoded' \
--user CLIENT_ID:CLIENT_SECRET \
--data 'grant_type=client_credentials'Response
{
"access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9...",
"token_type": "Bearer",
"expires_in": 86400,
"scope": "users.read users.write"
}Access tokens are valid for 24 hours. Implement automatic token renewal before expiration.
Step 4: Use the Access Token
Include the token in the Authorization header:
curl --request GET \
--url https://api.connecteam.com/users/v1/users \
--header 'Authorization: Bearer YOUR_ACCESS_TOKEN'Never send the Client Secret when calling API endpoints – only use the access token.
Available Scopes
Scopes follow the format feature.permission (e.g., users.read, schedule.write).
| Feature | Scope Prefix | Read | Write | Delete |
|---|---|---|---|---|
| Account Information | account_information | ✅ | ✅ | ✅ |
| Company Policies | company_policies | ✅ | ✅ | ✅ |
| Users | users | ✅ | ✅ | ✅ |
| Assets | assets | ✅ | ✅ | ✅ |
| Sales Data | sales_data | ✅ | ✅ | ✅ |
| Attachments | attachments | ✅ | ✅ | ✅ |
| Quick Tasks | quick_tasks | ✅ | ✅ | ✅ |
| Publishers | publishers | ✅ | ✅ | ✅ |
| Chat | chat | ✅ | ✅ | ✅ |
| Jobs (Resources) | jobs | ✅ | ✅ | ✅ |
| Schedule | schedule | ✅ | ✅ | ✅ |
| Daily Note | daily_note | ✅ | ✅ | ✅ |
| Time Clock | time_clock | ✅ | ✅ | ✅ |
| Time Off | time_off | ✅ | ✅ | ✅ |
| Forms | forms | ✅ | ✅ | ✅ |
| Settings | settings | ✅ | ✅ | ✅ |
Scope Examples
| Scope | Description |
|---|---|
users.read | Read user information |
users.write | Create and update users |
users.delete | Delete users |
schedule.read | View schedules and shifts |
time_clock.write | Clock in/out, edit time entries |
forms.read | Access form submissions |
Updated about 2 hours ago