bg-image1 bg-image3

Using OAuth 2.0 to Access Postfilter API

Basic steps

Postfilter application follow a basic pattern when accessing Postfilter API using OAuth 2.0. At a high level, you follow four steps:

Obtain OAuth 2.0 credentials from the Postfilter ‘bedrijven’ dashboard

Visit the Postfilter ‘bedrijven’ dashboard to obtain OAuth 2.0 credentials such as a client secret that are known to both Postfilter and your application. Since we are handling personal information, we only allow access from web server applications, where you need to use both client username and client secret.

Obtain an access token from the Postfilter Authorization Server

Before your application can access private data using the Postfilter API, it must obtain an access token that grants access to that API. A single access token can access all downloads your account was granted to. Therefor it is not needed to send other values, other than the client secret.

Send the access token to the API endpoint

After your application obtains an access token, you can use the token in an HTTP Authorization request header to retrieve the document you require for your application.

Refresh the access token

Access tokens have limited lifetimes. If your application needs access to the API beyond the lifetime, you can request a new access token by sending the client secret again (1).

Web server applications

The Postfilter OAuth 2.0 endpoint supports web server applications that use languages and frameworks such as PHP, Java, Python, Ruby, and ASP.NET.

Making an API request

The implementation will differ per language used in the webserver. Regardless of the language, the flow and technique will be the same or very similar.

End-points might change in the future, but upon writing this document, the URI for the API was set at: https://bedrijven.postfilter.nl. Please use this URI for all instances below.

Get Access Token

POST Request to
URI: <business_uri>/api/auth/login

Using variables
Header: Accept: application/json
form_params:
username = <client_id>
password = <client_secret>

Return
{
"access_token": "GeneratedAccessToken",
"token_type": "Bearer",
"expires_at": "2021-01-13 16:14:22"
}

Retrieve the document you need

GET Request to the document URL you need

Post Filter records:
<business_uri>/api/pr
Post Filter records with extra info:
<business_uri>/api/prx
Deceased Filter records:
<business_uri>/api/pr
Deceased Filter records with extra info:
<business_uri>/api/prx

Using variables
Header: Accept: application/json
Authorization: Bearer Token "<GeneratedAccessToken>"


Return
The raw data from the ZIP file. Save this data as zip file.


Note
- All files will be offered in ZIP format
- All information in the documents will be encoded in UTF-8