Skip to Content

User Guide

Business Portal Login

Security considerations

Your token request MUST occur on a backend server; implicit grant types are not supported. Do not provide the client secret to unsecured environments such as web clients.

Be sure to validate all query parameters received via the Redirect URI.

Your implementation should also make use of the State field to protect against cross-site request forgeries.