When querying Outreach API from server it may be impractical to use OAuth. Therefore, Outreach also provides an alternative way for accessing a limited set of API endpoints with a per-install access token. We refer to this as method as "S2S API access" in short.
Add the "API Access (S2S)" feature for your app in Outreach Developer portal and select one or more API scopes that your application intends to consume. S2S API scopes are a subset of OAuth API scopes.
Then add one or more public keys in PEM-encoded format. You can generate a pair of private and public keys using
openssl or similar tool.
openssl genrsa -out outreach_private_key.pem 2048 openssl rsa -in outreach_private_key.pem -outform PEM -pubout -out outreach_public_key.pem
Please be very careful to not accidentally disclose the private key. If disclosed, please replace the key immediately. After you save the page Outreach will generate the
S2S_GUIDfor your app.
Finally select the API scopes that your application intends to consume. Note that while the S2S method offers only a limited set of endpoints the endpoint responses received through S2S and OAuth are identical.
To make server calls to the Outreach REST API you need to obtain an S2S token.
A separate S2S token is issued per every app installation and so to generate the S2S token you'll need to submit
INSTALL_ID - the app installation identifier.
Once you have obtained your S2S token pass it in the
Authorization header of your call. For example to get all the
events for the prospect use
curl -i -X GET https://api.outreach.io/api/v2/prospects \ -H "Authorization: Bearer S2S_TOKEN"