OpenSylo Backend API
  1. OAuth 2.0
OpenSylo Backend API
  • API Info
    • API Information
      GET
  • Health
    • HealthController_checkHealth
      GET
    • HealthController_ping
      GET
  • Marketplace Connections
    • Get available marketplaces
      GET
    • Get marketplace catalog
      GET
    • Get marketplace details
      GET
    • Initiate marketplace connection
      POST
    • Disconnect from marketplace
      POST
    • Get connection status
      GET
    • Update marketplace credentials
      POST
    • Handle OAuth callback
      POST
  • Merchant Authentication
    • Register a new merchant account
      POST
    • Authenticate merchant
      POST
    • Verify email address
      POST
    • Resend verification email
      POST
    • Request password reset
      POST
    • Reset password
      POST
    • Change password
      POST
    • Refresh access token
      POST
    • Logout
      POST
    • Get current user profile
      GET
  • MerchantKyc
    • MerchantKycController_getOnboardingStatus
    • MerchantKycController_getKycProgress
    • MerchantKycController_sendOtp
    • MerchantKycController_verifyOtp
    • MerchantKycController_updateBusinessInfo
    • MerchantKycController_addDirector
    • MerchantKycController_addBulkDirectors
    • MerchantKycController_uploadDocument
    • MerchantKycController_submitKyc
    • MerchantKycController_searchBusinessTypes
    • MerchantKycController_getBusinessCategories
    • MerchantKycController_getDocumentTypes
  • Merchants
    • Create a new merchant
    • Get all merchants
    • Get a merchant by ID
    • Update a merchant
    • Delete a merchant
  • Marketplace Data Ingestion
    • Submit Merchant Data
    • Submit Bulk Merchant Data
    • Get Merchant Credit Score
    • Health Check
  • Marketplace Dashboard
    • Complete Marketplace Registration
    • Marketplace Dashboard Login
    • Get OAuth Credentials
    • Regenerate Client Secret
    • Get Current User
    • Invite Marketplace (Admin)
  • OAuth 2.0
    • OAuth Authorization Endpoint
      GET
    • Process Authorization Decision
      POST
    • Token Endpoint
      POST
    • Revoke Token
      POST
    • Client Metadata
      GET
  • OAuth Authentication
    • Login Page
    • Login Submit
    • Signup Page
    • Signup Submit
    • Logout
  • Lenders
    • Create a new lender
    • Get all lenders
    • Get a lender by ID
    • Update a lender
    • Delete a lender
  • Schemas
    • PlatformDto
    • PlatformConnectionMetadataDto
    • PlatformConnectionInfoDto
    • PlatformListResponseDto
    • ConnectionInitResponseDto
    • ConnectionMetricsDto
    • ConnectionStatusResponseDto
    • DisconnectResponseDto
    • PlatformCatalogResponseDto
    • ConnectPlatformDto
    • DisconnectPlatformDto
    • PlatformCredentialsDto
    • MerchantSignupDto
    • SignupResponseDto
    • MerchantLoginDto
    • LoginResponseDto
    • MerchantVerifyEmailDto
    • EmailVerificationResponseDto
    • MerchantResendVerificationDto
    • GenericSuccessResponseDto
    • MerchantForgotPasswordDto
    • MerchantResetPasswordDto
    • MerchantChangePasswordDto
    • RefreshTokenDto
    • UserProfileResponseDto
    • OtpVerificationDto
    • BusinessKycDto
    • DirectorInfoDto
    • BulkDirectorInfoDto
    • DocumentUploadDto
    • CreateMerchantDto
    • UpdateMerchantDto
    • MarketplaceDataCaptureDto
    • BulkMarketplaceDataCaptureDto
    • CompleteMarketplaceRegistrationDto
    • MarketplaceLoginResponseDto
    • MarketplaceLoginDto
    • MarketplaceCredentialsResponseDto
    • RegenerateSecretResponseDto
    • InviteMarketplaceDto
    • MarketplaceInvitationResponseDto
    • CreateLenderDto
    • UpdateLenderDto
  1. OAuth 2.0

OAuth Authorization Endpoint

GET
/oauth/authorize
Initiates the OAuth 2.0 Authorization Code flow.
Step 1 of the OAuth flow - Marketplace redirects user here.
The user will be:
1.
Redirected to login if not authenticated
2.
Shown a consent screen to authorize data sharing
3.
Redirected back to the marketplace with an authorization code

Required Parameters#

ParameterDescription
client_idMarketplace's client ID
redirect_uriWhere to redirect after authorization
response_typeMust be "code"
scopeSpace-separated list of requested scopes
stateRandom string for CSRF protection

Available Scopes#

ScopeDescription
data.share.salesShare sales/GMV data with OpenSylo
data.share.fulfillmentShare fulfillment metrics
data.share.payoutsShare payout/cashflow data
data.share.riskShare risk flags
data.share.profileShare merchant profile
credit.score.readAccess calculated credit scores
repayment.reportReport loan repayments

Request

Query Params

Responses

🔵302
Redirects to login page or consent page
This response does not have a body.
🟠400
Request Request Example
Shell
JavaScript
Java
Swift
curl --location --request GET 'https://api.dev.opensylo.com/oauth/authorize?client_id&redirect_uri&response_type&scope&state&code_challenge&code_challenge_method'
Modified at 2025-12-30 08:04:15
Previous
Invite Marketplace (Admin)
Next
Process Authorization Decision
Built with