What is a Flipdish App
We use the term "Flipdish App" for any integration, module or application built on top of the Flipdish API.
Some code samples may use the term "client" instead of "Flipdish App"
To interact with Flipdish API you will need a Flipdish account. You can create a Flipdish account for free at https://portal.flipdish.com/signup
Clickhttps://dash.readme.io/project/flipdish/v1.0/docs/getting-started on your avatar and then on **Developer tools".
Click on OAuth apps and then on the red Add New button.
Give your app a name and press Create
Flipdish uses OAuth2 to manage authentication. If you aren't familiar with OAuth2, that's fine. We'll walk you though the basics.
Every Flipdish App uses Hybrid Flow, which allow to request a combination of identity token, access token and code via the front channel using either a fragment encoded redirect (native and JS based clients) or a form post (server-based web applications).
Through the Flipdish Developers Portal you can get access tokens, which allows you to access your stores, orders, vouchers and many resources via the API.
Click the Request token button to generate a token.
To request access tokens programmatically you need your App's ID and Secret Key.
For security reason secret key is hidden on Flipdish Developer Portal by default.
Please use the "REVEAL SECRET KEY" button to get your key and keep it in a safe place.
Request a token using IdentityModel and C#.
TokenClient client = new TokenClient( "https://api.flipdish.co/identity/connect/token", "<your_client_id>", "<your_secret_key>"); string accessToken = client.RequestClientCredentialsAsync("api").Result.AccessToken;
Secret Key: a token accessed only by you (the App owner) and Flipdish. This should not be exposed to customers or 3rd parties.
Access Token (also know as a Bearer Token): a token which is used when making calls to the Flipdish API.
Authenticate by including the header Authentication with your OAuth Bearer token (AKA access token).
curl --request GET \ --url https://api.flipdish.co/api/v1.0/orders/1 \ --header 'Authentication: Bearer <your Access Token>'
Always use HTTPS
Calls made over plain HTTP will fail. API requests without authentication will also fail.
Visit the API Reference Docs to see a list of available endpoints and test out the API.