Smartsheet app authorization

msexton
msexton
edited 02/22/22 in API & Developers

Greetings,

Looking for a little guidance. I would like to develop an app that sends data to a sheet through HTTP.

I have used the Python SDK with a raw token in the past but now I need a more secure solution and figured creating a 3rd part app is the way to go.

I am having trouble with the workflow. Whilst following the documentation, I created my app and got my client id/secret and the next step being authorization,

i send a GET request to https://app.smartsheet.com/b/authorize , with header

client_id:*******************

response_type:code

scope:READ_SHEETS


and it returns


To further add to my confusion is that the docs say the next step is for the user to authorize my app to access their account, but what user I haven't specified any user anywhere?


Could anyone clarify this workflow for me? thanks kindly.

Tags:

Answers

  • Genevieve P.
    Genevieve P. Employee Admin

    Hi @msexton

    It sounds like you may need help in regards to Access Scopes, see the 4th step in Setting Up OAuth2.0 with your app: https://smartsheet.redoc.ly/#section/OAuth-Walkthrough/First-Steps

    Your scope is set to READ_SHEETS but you may want to try WRITE_SHEETS instead, to enable your app to make updates to the Smartsheet sheet.


    To access a user's Smartsheet data (or your Smartsheet account), your application must explicitly ask the user (the Smartsheet account holder) for permission.

    You do this by using access scopes, which enable your app to communicate to the user (the Smartsheet account holder) what type of operations it is performing.


    The Request an Authorization Code section of the Documentation has a picture example of what the "user" (Smartsheet account holder) will see when being asked to authorize your app to make updates to their sheets/account.

    I hope that helps!

    Cheers,

    Genevieve