How do OAuth clients work in Inxmail New Xperience?

OAuth clients in Inxmail New Xperience use OAuth2 with Authorization Code. Here is a simplified diagram of how the various participants interact.

See below for more detailed information on the steps involved.

Steps in the Process

  1. The user accesses a resource in the integration that requires access to the Inxmail API.

  2. The integration redirects the user to Inxmail New Xperience so that they can request initial authorization.

  3. The user authenticates using their Inxmail username and password. They provide the integration with explicit permission to act on their behalf (consent screen).

  4. After successful authentication, the integration stores the refresh token.

  5. Using a valid access token, the integration makes an authenticated call to the Inxmail API.

After this initial authorization, the integration is permitted to act on behalf of the user. The integration can use the (persistent) refresh token to request a (temporary) access token at any time. The access token enables the integration to make authenticated requests to the Inxmail API on behalf of the user.

Detailed Steps in the Process

Further Information