Submit an app
Guides
My AppsSign Up

Getting Started

Suggest Edits

This guide illustrates how to retrieve your API credentials from the Hootsuite Developer Portal and authenticate with the REST API using the OAuth2 Authorization Code Workflow.

1. Retrieving API Credentials from the Hootsuite Developer Portal

This section assumes that you have an approved Developer account set up, within which you have created at least one application.

Log into the Developer Portal and select your App by clicking on the app name.

935

You will be able to see the app's REST API Client ID and REST API Client Secret in the app's configuration page.
If you did not provide a callback URL in your request for API access, the default REST API Callback URL (https://www.getpostman.com/oauth2/callback) the Postman collection callback will be registered as the default callback url and can be changed on request.

2. Testing Connectivity and Authentication with Postman

Next, you can test retrieving an access_token for a Hootsuite account using Postman. The swagger file can be downloaded directly from our documentation.

  1. Select any of the available API endpoints. For this test, we'll use GET /v1/me. Under the Authorization Tab, select OAuth 2.0 from the "Type" drop-down. Ensure "Add authorization data to" is set to Request Headers. Then, click "Get New Access Token."

  1. You'll be presented a pop-up to input the necessary fields, as follows:

Token Name: Any token name
Grant Type: Authorization Code
Callback URL: https://www.getpostman.com/oauth2/callback
Auth URL: The authorization endpoint
Access Token URL: The token endpoint
Client ID: Your client ID from above
Client Secret: Your client secret from above
Scope: The required token scopes. Valid value is offline
State: The external client authentication request state. If supplied, must be at least 8 characters long.
Client Authentication: Select Send as Basic Auth header

Then, click "Request Token".

  1. You'll be prompted to log into your Hootsuite Account via email/password, social sign-in through Twitter, Facebook, or Google, or SSO. Once you've successfully authenticated, you will be presented with a consent page. Click "Allow."

  2. Now you have a token! Click "Use Token" and try calling the GET /me endpoint.

Updated about 1 year ago