Languages: Any | Difficulty: Easy
Many applications these days require the ability to manipulate an Infusionsoft account as an “application”, rather than on behalf of a single user. One of the most common examples is adding new users as contacts to your internal Infusionsoft account.
Suppose you have a web application called ButtonPush that allows users to push a button. They create an account with you by entering their own username and password, and once logged in can push a button as many times as they wish. You want to accomplish two things:
- Whenever someone signs up, add them to your internal ButtonPush Infusionsoft account
- Whenever someone presses a button for the first time, add a tag to their user profile titled "buttonpushed"
With a simple key-based API, this is straightforward - you'd store your API key as an environment variable in your codebase and make a request to your own Infusionsoft account via the API to create the contact. With OAuth, however, things get a bit more complicated. This tutorial walks you through some basic concepts for building the Infusionsoft OAuth flow into your application's Admin panel using the PHP SDK.
Please note that this tutorial covers integrating a single Infusionsoft account. If you need to allow users to implement their own Infusionsoft account, follow our tutorial on OAuth.
Setup The Application
We'll assume your application already exists, and you have your core application logic built and also have some sort of administration panel that only you can see. You'll want a place to put your authorization link and view the status of your Infusionsoft connection.
Create a way to store your Infusionsoft OAuth Token
In the next step we're going to be performing some simple commands to retrieve an Infusionsoft Authorization Token, but before we do that we need to be able to store the token.
If your application has a concept of "settings" at the administrator level, we recommend that you store your Infusionsoft Token along with other settings - things like your root URL and other default values that apply to the system as a whole.
If you don't have any concept of settings, you can store your token pretty much anywhere - in your database in a new table named "system_settings", or in a text file that's outside of the root directory of the application. Keeping the file outside the root directory is important so that no one can ever find your token.
Integrate the Infusionsoft API
No matter what language you use, you'll be integrating Infusionsoft and authenticating via OAuth just like in any other scenario.
The difference is that you only need to store your token once, and set it up to auto renew every time you make a request. This means you can access the Infusionsoft API globally within your application, and don't have to worry about storing access and refresh tokens on an individual user record - just keep them saved in your settings table.
Make a request
At this point, you should be all set to make a request. By now, you should have:
- Created a link to authenticate with Infusionsoft accessible only from your admin panel
- Built in the OAuth functionality so that, after authenticating, your access and refresh tokens are saved in your settings table
When you have a new signup, you can simply make a request to Infusionsoft to add a contact to your application. Infusionsoft will respond with their Contact ID, which you can save on the user record within your application.
When someone presses the button in your application, you can retrieve their Infusionsoft Contact ID from your user store, and then make a request to Infusionsoft to add a "buttonclicked" tag.
As you go: Refresh the Access Token
To maintain the ability to access Infusionsoft without the user needing to authorize access again we suggest doing the following:
- Run a cron job three hours before the access token expires
- Base the cron job off of the expires_in amount returned when an access token is granted.
- Currently the access token expires every 24 hours which means the refresh should happen every 21 hours
Please note that refresh tokens can no longer be used once one of the following happens:
- The refresh token is used.
- The refresh token is older than 45 days.
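The token storage and refresh steps described above can be sketched as follows. This is an added example, not code from the Infusionsoft SDK or this tutorial: it keeps the token pair in an owner-only file, derives the refresh time from expires_in, and saves the new pair immediately because a used refresh token stops working. The file layout and the `exchange` callable (a stand-in for the actual OAuth refresh request) are assumptions.

```python
import json, os, stat, tempfile, time

REFRESH_MARGIN = 3 * 3600  # refresh three hours before expiry, as suggested above

def save_token(path, token, now=None):
    """Atomically write the token pair to `path` with owner-only permissions."""
    now = time.time() if now is None else now
    record = {
        "access_token": token["access_token"],
        "refresh_token": token["refresh_token"],
        # Absolute deadline derived from the expires_in value in the grant response.
        "expires_at": now + int(token["expires_in"]),
    }
    directory = os.path.dirname(os.path.abspath(path))
    fd, tmp = tempfile.mkstemp(dir=directory)  # mkstemp creates the file with mode 0600
    try:
        with os.fdopen(fd, "w") as fh:
            json.dump(record, fh)
            fh.flush()
            os.fsync(fh.fileno())
        os.replace(tmp, path)  # readers never see a half-written token file
    except BaseException:
        os.unlink(tmp)
        raise
    return record

def load_token(path):
    """Read the stored record, refusing files readable by group or others."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & 0o077:
        raise PermissionError(f"{path} has mode {mode:o}; expected 600")
    with open(path) as fh:
        return json.load(fh)

def refresh_due(record, now=None):
    """True once the current time is within REFRESH_MARGIN of expiry."""
    now = time.time() if now is None else now
    return now >= record["expires_at"] - REFRESH_MARGIN

def refresh_if_due(path, exchange, now=None):
    """Refresh when within the margin; persist the rotated pair before returning."""
    record = load_token(path)
    if not refresh_due(record, now):
        return record
    # `exchange` is a hypothetical callable wrapping the OAuth refresh request.
    # The old refresh token is unusable once used, so the new pair is saved at once.
    return save_token(path, exchange(record["refresh_token"]), now)
```

A cron job can call `refresh_if_due` more often than every 21 hours; it only contacts the token endpoint once the stored deadline is within the three-hour margin.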