Developer Documentation
Developer Documentation

Access Setapp server via Vendor API

Request authorization code to access the Setapp server using Vendor API

To start communicating with Setapp's server, you must request an authorization (auth) code from it. The auth code has a 20-minute lifetime, so you must pass the auth code to your server for further processing during this time.

How the communication between your app/server and the Setapp system via the Vendor API works:

  • Your app requests and receives an auth code from the Setapp server.
  • Your app passes the auth code to your server.
  • Your server exchanges the auth code for the Vendor API's access token and refreshes the token.
  • Your server uses the obtained tokens for further communication with Setapp using the API (exchanging subscription info, etc.).

You can get the auth code using the requestAuthorizationCode function. The function requires an internet connection and fails with a corresponding error if a user's iOS or MacOS device is offline.

To request the auth code, you must specify these parameters:

  • clientID: the app's client ID generated in your developer account. If you have several apps in Setapp, the clientID must be different for them (including macOS apps and their iOS companions).
  • scope: a list of functionalities you wish to authorize for communication with the Setapp system. In Swift, the possible values are listed in the VendorAuthorizationScope enum. In Objective-C, however, you’ll have to specify the values yourself as NSStrings.

    The other possible functionalities scope values are mentioned in the GET /authorize method of the Vendor API.

// Make sure an active Setapp subscription is present.
// See subscription monitoring examples on this page for more info.
SetappManager.shared.requestAuthorizationCode(
  clientID: "c1d5ab4a5666fc62983b7a6eaa9b1e53c8318a3ef70c182a",
  scope: [.applicationAccess]
) { result in
  switch result {
  case let .success(code):
    // Authentication code obtained successfully.
    // Use the code to authorize your app or server for Setapp: exchange the auth code for the access token and the refresh token using the Setapp API.
    print(code)
  case let .failure(error):
    // The request has failed.
    // See the error message for details.
    print(error)
  }
}

Updated over 1 year ago