Accessing Outreach REST API from server

When querying Outreach API from server it may be impractical to use OAuth. Therefore, Outreach also provides an alternative way for accessing a limited set of API endpoints with a per-install access token. We refer to this as method as "S2S API access" in short.

Enabling S2S API access

Add the "API Access (S2S)" feature for your app in Outreach Developer portal and select one or more API scopes that your application intends to consume. S2S API scopes are a subset of OAuth API scopes.

Then add one or more public keys in PEM-encoded format. You can generate a pair of private and public keys using openssl or similar tool.

openssl genrsa -out outreach_private_key.pem 2048
openssl rsa -in outreach_private_key.pem -outform PEM -pubout -out outreach_public_key.pem

Please be very careful to not accidentally disclose the private key. If disclosed, please replace the key immediately. After you save the page Outreach will generate the S2S_GUID for your app.

Finally select the API scopes that your application intends to consume. Note that while the S2S method offers only a limited set of endpoints the endpoint responses received through S2S and OAuth are identical.

Calling the API through S2S

To make server calls to the Outreach REST API you need to obtain an S2S token. A separate S2S token is issued per every app installation and so to generate the S2S token you'll need to submit INSTALL_ID - the app installation identifier.

The value of INSTALL_ID can be extracted from the installSetupToken query parameter from the external configuration setup URL call. It is also sent in the payloads of application lifecycle webhooks

Once you have obtained your S2S token pass it in the Authorization header of your call. For example to get all the events for the prospect use

curl -i -X GET https://api.outreach.io/api/v2/prospects \
  -H "Authorization: Bearer S2S_TOKEN"