Authorization URL for SX API


Let me start off with the statement that I'm not a developer and hopefully this question doesn't seem too dumb.  We're trying to allow outside access to the SX APIs and the developer we are working with is looking for the Authorization URL.  I can see what the base URL is for SX.e API and I've created a service account for this outside development team, but beyond that I'm not entirely sure what the authorization URL is?  

When I go to test out the APIs on the webpage, I can see the CURL and I passed this information on to the developer, but when they try to access it, they are getting an error:Unauthorized response.  It would appear we are getting closer, but I'm just missing the last little bit of information to get them in.  I've looked through the user manuals and administration manuals for ION Desk, but I haven't come up with anything that leads me to what the authorization URL would be.

Trevor Bensen

  • Go into ION API, click the menu and then click Authorized Apps. Click the Backend Service you need the URL for. Click Download Credentials. In the file you receive the base URL is the "pu" entry and the authorization endpoint is the "oa" entry. Combining these two together will give you the authorization URL.
  • In reply to Bradley Brown:

    Looking at the list of Authorized apps, I don't see a specific one for SX API, only an IONService app that is a Backend Service. I also created one called SX API that is a Backend service and added the user that will be accessing these APIs. Will this allow them access to the SX APIs we have available?
  • In reply to tbensen:

    Yes, you need to create an authorized application that is allowed to access the API. As Bradley said, it also allows you to download the oauth credentials file. In case you haven't reviewed them already, this is explained in the API Gateway Admin Guide ( and also the API Gateway SDK readme on Github (
  • In reply to Keith Knuth:

    After I created this application, I sent the credential information dump over to the developer who is trying to access these APIs and they are getting a "Bad Request" response, which I'm assuming is an improperly structured CURL?  Here is a sample of the code they are using to try access our SX APIs.  I have removed the external IP address and the secret/token information.


  • In reply to tbensen:

    Have you tried testing from ION API? Go to ION API->Available APIs, double-click Infor Distribution SX.e and then click the Documentation icon for the sxapirestservice. From there you should see a listing of all the available APIs and can test them using json. The results will provide a CURL example, although not wrapped in php.