The Authorization Code Flow with Proof Key for Code Exchange (PKCE) is the OAuth 2.0 grant that native apps use in order to access an API.
More on this flow: https://www.developer.saxo/openapi/learn/oauth-authorization-code-grant-pkce
Warning For PHP, it is not recommended to use this flow in most setups. Use the Code Flow instead. PKCE is just here for demonstration purposes, when you have no other options.
- Get an OpenAPI Developer Account here: https://www.developer.saxo/accounts/sim/signup.
- Navigate to App Management in the Developer Portal: https://www.developer.saxo/openapi/appmanagement.
- Create a PKCE Flow app with a redirect to http://localhost/openapi-samples-php/authentication/oauth2-pkce-flow/demonstrate-pkce-flow.php.
- Modify the server-config file, so it contains your app details.
- Copy the files in this folder to your webserver (running PHP) and make sure your redirect is active.
- Navigate to the index.php, sign in and get data from the API.
Rate limits are logged, as well as the X-Correlation response header.
This sample contains the following files:
Filename | Description |
---|---|
server‑config.php | This is the configuration with the hosts of SIM and Live, and your app details. Add your app details before trying the sample! |
index.php | This is the landing file. The file creates the URL, saves the CSRF and verification token in the session and initiates a redirect to the OAuth2 server of Saxo Bank. |
demonstrate‑code‑flow.php | After the OAuth2, the user is redirected to this file. This file detects errors, if any, it verifies the request using the CSRF token and af all is good, it requests an access token. This access token is used for a request to the API and afterwards, a new access token is requested. |
cacert.pem | This is a bundle of X.509 certificates of public Certificate Authorities (CA) required to verify the SSL endpoints. Latest version: https://curl.haxx.se/docs/caextract.html |
A good tutorial on this grant type: https://auth0.com/docs/api-auth/tutorials/authorization-code-grant-pkce