OAuth Callback
GET /api/integrations/oauth_callback/:integration_type
Handle OAuth callback from OAuth provider (e.g., Google for Gmail, Facebook, GHL).
This endpoint is called by the OAuth provider after user authorization. It exchanges the authorization code for tokens and creates or updates the integration, then redirects to the frontend settings page.
Note: This endpoint does not require JWT/API key authentication because OAuth callbacks use encrypted state tokens for authentication. The tenant_id is extracted from the decrypted state token inside the service layer.
Path Parameters:
- integration_type: Type of integration (e.g., 'gmail', 'facebook_messenger')
Query Parameters:
- code: Authorization code from OAuth provider (present on success)
- state: State token for validation (encrypted with Halite)
- error: Error code from OAuth provider (present when user cancels or denies access)
- error_description: Human-readable error description
Returns: Redirect to frontend settings page with success/error status
Examples:
Success: GET /api/integrations/oauth_callback/gmail?code=auth_code...&state=encrypted_state...
Redirects to: {BASE_URL}/settings/integrations?category=email&success=true&integration_id=...
Cancelled: GET /api/integrations/oauth_callback/gmail?error=access_denied&state=encrypted_state...
Redirects to: {BASE_URL}/settings/integrations?category=email&success=false&error_msg=Authorization+cancelled
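Because the state token is the only authentication on this endpoint, the checks applied to it carry the whole trust decision. The sketch below is an added example, not this API's own code: it uses HMAC-SHA256 signing from the Python standard library as a stand-in for the Halite encryption named above (integrity only, no confidentiality), and every name in it (STATE_KEY, STATE_TTL, seal_state, open_state, handle_callback, the BASE_URL value, the error text for a bad state) is an assumption.

```python
import base64, hashlib, hmac, json, time
from urllib.parse import urlencode

STATE_KEY = b"constructed-demo-key"       # constructed; load from a secret store
STATE_TTL = 600                           # seconds a state stays valid (assumed)
BASE_URL = "https://app.example.test"     # placeholder for {BASE_URL}
_used_nonces = set()                      # single-use tracking (in-memory here)

def _tag(body):
    return hmac.new(STATE_KEY, body, hashlib.sha256).digest()

def seal_state(tenant_id, integration_type, nonce, now=None):
    """Issued when the user starts the flow; binds tenant, type and expiry."""
    claims = {"tenant_id": tenant_id, "type": integration_type,
              "nonce": nonce, "exp": int(now or time.time()) + STATE_TTL}
    body = json.dumps(claims, sort_keys=True).encode()
    return base64.urlsafe_b64encode(_tag(body) + body).decode()

def open_state(token, integration_type, now=None):
    """Return the claims, or None if forged, expired, misrouted or replayed."""
    try:
        raw = base64.urlsafe_b64decode(token.encode())
    except ValueError:
        return None
    tag, body = raw[:32], raw[32:]
    if not hmac.compare_digest(tag, _tag(body)):
        return None
    claims = json.loads(body)
    if claims["exp"] < (now or time.time()):
        return None
    if claims["type"] != integration_type or claims["nonce"] in _used_nonces:
        return None
    _used_nonces.add(claims["nonce"])
    return claims

def _redirect(success, error_msg=None):
    # category=email is taken from the page's gmail example
    query = {"category": "email", "success": "true" if success else "false"}
    if error_msg:
        query["error_msg"] = error_msg
    return f"{BASE_URL}/settings/integrations?{urlencode(query)}"

def handle_callback(integration_type, params, now=None):
    """Return (tenant_id, redirect_url); tenant_id is None unless authorized."""
    claims = open_state(params.get("state", ""), integration_type, now)
    if claims is None:                    # no trusted tenant: stop before any exchange
        return None, _redirect(False, "Invalid state")
    if "error" in params or not params.get("code"):
        return None, _redirect(False, "Authorization cancelled")
    # The code-for-token exchange would run here, scoped to claims["tenant_id"].
    return claims["tenant_id"], _redirect(True)
```

The state is validated before the error parameter is read, so a request with no valid state never reaches tenant-scoped logic on either branch.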
Request
Responses
- 200: Successful Response
- 404: Not found
- 422: Validation Error