Authentication

Authentication is the first step in the deep integration flow. Once users authorize your platform with Trade It, your server can request session URLs for connect and trade modals.

Before implementing OAuth, register your client in Trade It:

1. Sign in at tradeit.app.
2. Choose Organization on first login, or use Register a Client from your dashboard later.
3. Complete partner setup and billing in the partner portal.
4. Save the client_id and one-time client_secret shown after provisioning.

If you have questions or want to discuss your use case, contact us.

How OAuth Works (High Level)

1. User clicks a "Connect Trade It" action in your app.
2. User authenticates with Trade It and grants permission.
3. Trade It redirects to your callback URL.
4. Your server exchanges the authorization code for tokens.
5. Your server stores Trade It access/refresh tokens for that user.

Once tokens are stored, you can launch embedded connect and trade flows.

What You Need to Implement

• A client-side "Connect Trade It" entry point.
• A callback route on your platform.
• A server-side code exchange using your client_id and client_secret.
• Secure per-user storage for Trade It access and refresh tokens.

Notes

• Keep client_secret on your server only.
• Never exchange OAuth codes from client-side code.
• Session URL calls should always be server-side and use the user's Trade It token.