User Authorization

Documentation | Checkbook

Authorization endpoint

To start this authentication process, your user will access our OAuth authorization endpoint:
https://app.checkbook.io/oauth/authorize

🚧

Sandbox OAuth

If you want to test the OAuth flow in Sandbox, you will need to use this authorization endpoint:
https://sandbox.app.checkbook.io/oauth/authorize

This URL requires 4 query parameters which are:

Query parameter

Description

client_id

Your client ID found in Developer Keys

response_type

code

scope

One of the following values:

  • check: the token can be used multiple times to send or request checks
  • check_receive: the token can be used multiple times to request checks
  • single-use: the token can be used only once to send or request checks

redirect_uri

Your callback url found in Developer Keys

Here's an example of an authorization endpoint containing all the query parameters:
https://demo.checkbook.io/oauth/authorize?client_id=313910200b834c009f62ae47feeee407&response_type=code&scope=check&redirect_uri=https://example.com

📘

Note

The previous URL is for the demo environment and cannot be used for an actual OAuth implementation. You will need to use either the sandbox or the production authorization endpoint.

Get user's authorization

The following page is displayed asking the user to login to its Checkbook.io account.

If the user doesn't have a Checkbook.io account, then a signup form will be displayed.

After the signup, we require the new user to verify its email address by entering the 6-digit code we sent to the email provided.

Finally, the user will also be prompted to Complete its profile and Add a bank account before being able to Authorize a Payment.

After the user successfully authenticates, the following dialog will be displayed allowing to either Deny or Authorize your business to use Checkbook.io on its behalf.

Once the user confirms they wish to allow a third party to send checks on their behalf, their browser will be redirected to the callback URI that has been specified in the Developer Keys, along with an AUTHORIZATION_CODE:

http://REDIRECT_URI?code=AUTHORIZATION_CODE


What’s Next