Authentication

How Transcend authenticates to your API

Protocol

Transcend can integrate easily with APIs authenticated with API Keys or through OAuth applications. Transcend prefers APIs that support OAuth authorization code flows both for security reasons (short-lived access tokens) and since connecting to OAuth applications is easier for data map administrators at our client companies, who can one-click login to connect the partner service to Transcend.

Permissions and Scopes

As a general principle, Transcend should have only the permissions that it needs to submit requests.

Examples

Here are some links to API docs for partners that had excellent APIs

  • SnapChat Ads. Snapchat has a very traditional OAuth2 authorization_code flow. One security downside of their solution is that when users give access to Transcend to manage their Snap Ads account, they technically authorize Transcend to perform any marketing related actions with the Snap API. Hypothetically, a malicious Transcend could use this access to start new ad campaigns or disable current ones (a permission Transcend does not need). When Transcend's permissions are bloated like this, it increases client hesitation when connecting to Transcend.
  • Google Analytics This API flow allows for very granular permissions. For example, Transcend's app is able to request the ability to delete users from custom audiences without having the ability to otherwise manage add campaigns through the user deletion permission.

OAuth Requirements*

*For partners with OAuth APIs only.

We require two distinct OAuth applications: one for development and testing, and another for our mutual customers to connect to in production. As such, there are four unique callback URLs:

App name: Local Dev
OAuth redirect URL: https://yo.com:4001/integration/[partnerName]/cb
Developer email: [email protected]

App name: Remote Dev
OAuth redirect URL: https://api.dev.trancsend.com/integration/[partnerName]/cb
Developer email: [email protected]

App name: Staging
OAuth redirect URL: https://api.staging.transcen.dental/integration/[partnerName]/cb
Developer email: [email protected]

App name: Transcend DSR Automation
OAuth redirect URL: https://api.transcend.io/integration/[partnerName]/cb
Developer email: [email protected]