Mailbox management with server-side authorization

In the white-label authorization world, since users won’t have access to their accounts through the Slice apps, you will have to allow them to link their mailboxes through your app.

In order to do this, please go through the following steps. This assumes you have already created a user and have the username that you used when creating the user.

1. Get a request token for the user.

Make a POST request to /api/v1/actions/login with the signature parameters described here.

The request will return a JSON object with a “requestToken” field. Use this token in step 2.

2. Call Slice’s mailbox-management endpoint.

Redirect the user’s browser to /v2/manage_mailbox with the following parameters:

Note that if the “mailbox” parameter is left empty, we assume this is a new mailbox being linked. If “email” is specified, we assume the user needs to re- authenticate and so update our access information for that email address.

3. Invalidate the request token.

Now that the mailbox is linked, make a POST to  /logout with the following parameter:

This is an important step that cancels the request token and prevents anybody else from using it to access this user’s information.