Peoplevine Tokens
In-depth information about the various Peoplevine tokens.
Token types
Peoplevine uses the following token types:
Access tokens (User, User Company, and Customer)
Refresh tokens
Whenever you Authenticate on the Peoplevine APIs, you receive an Access token and a Refresh token. The Access token is used to authenticate on the APIs. This enables you to interact with the APIs. However, it only lasts for 30 minutes and then it expires. However, the Refresh token that you received at the same time as the Access token can be used to refresh the Access token, i.e. make it last for another 30 minutes.
This process can be repeated until the Refresh token expires. A Refresh token either lasts for 24 hours (with remember_me
set to "true"), or for 7 days (with remember_me
set to "false"). Once the Refresh token expires, you need to go through the authentication process again to receive another Access token and Refresh token pair.
Access Tokens
There are three different types of Access tokens:
User Access token
User Company Access token
Customer Access token
The process for obtaining each token type is slightly different, and they each have different use cases.
User Access token
A User Access token is used for two main reasons:
Authenticate on the Peoplevine Control Panel
Once you have a User Access token, you can use the APIs associated with the Peoplevine Control Panel, such as requesting a list of all of the companies where the user has access. It is also useful for creating an application that is similar in function to the Peoplevine Control Panel in that a single user needs to be able to switch between companies. However, the most common function is to generate a User Company Access token.
For more information on obtaining a User Access token, refer to Generate a User Access token.
User Company Access token
A User Company Access token is the most common token type. It can only be generated using a User Access token and Refresh token with a company ID that the user has access to, and allows the user to access APIs that connect to that company's data, such as bookings, appointments, members, check-ins, check-outs, etc.
For more information on obtaining a User Access token, refer to Generate a User Company Access token.
Customer Access token
Customer Access tokens are used to authenticate your customers to your app. It has a similar functionality to using the Peoplevine member portal. It is connected to visibility privileges, so the customer can only view the resource if they have access to it, otherwise it will be automatically hidden.
For more information on obtaining a User Access token, refer to Generate a Customer Access token.