Facebook
LinkedIn
YouTube
Getting Started
Authentication
Authentication
  • V2 Authentication (Deprecated)
  • V3 Authentication
V2 API Documentation (Deprecated)V3 API Documentation
Getting Started
Authentication
Authentication
  • V2 Authentication (Deprecated)
  • V3 Authentication
V2 API Documentation (Deprecated)V3 API Documentation
  1. Getting Started
  • Choosing the Right API Version
  • Getting Started
  • Architecture
  • Quick Start
  • Authentication
  • Roles and API Access
  • API Categories
  • API Endpoints Reference
  • Making Your First API Call
  • Working with Encrypted Tokens
  • Code Examples
  • Error Handling
  • Best Practices
  • Troubleshooting
  • Support
  1. Getting Started

Quick Start

Step 1: Get Your Credentials#

Obtain your API credentials from your Convirza account administrator:
Email address
Password
Organization ID (org_unit_id) — for filtering data by organization

Step 2: Obtain Access Token#

Make a POST request to the OAuth service to get your access token:
Response:
{
  "access_token": "encrypted-token-string",
  "refresh_token": "encrypted-refresh-token-string",
  "frontend_token": "32-character-hash-string",
  "token_type": "Bearer",
  "expires_in": "2026-04-10T12:00:00.000Z",
  "refresh_expires_in": "2026-10-01T12:00:00.000Z",
  "user": {
    "user_id": 123,
    "email": "your-email@example.com",
    "role_id": 1,
    "org_unit_id": 1001
  }
}
expires_in and refresh_expires_in are ISO 8601 UTC timestamps representing the absolute expiration time — not durations in seconds.

Step 3: Make API Calls#

Use the access token to make requests to the Public APIs:

Step 4: Refresh Token When Expired#

When your access token expires (after 7 days), use the refresh token to get a new token pair:
Refresh tokens expire after 180 days. Both tokens are rotated on each refresh — the old refresh token is immediately invalidated.
Modified at 2026-04-03 18:26:32
Previous
Architecture
Next
Authentication
Built with