Is the localhost redirect_uri an issue? I can’t find documentation about this, even the url https://signin.infusionsoft.com came from other app because I can’t find anything here explaining that basic part.
Our system is Ruby on Rails and runs OAuth2 for Keap (we are a SaaS listed on the Keap Marketplace). Here’s the guys who built it. They already have all the code you need (routes, model, controller, views), and it all works.
Unfortunately I’m not familiar with Ruby, so I can’t really do much to help with the code directly, but I can at least add some explanation to the technical specifications.
An end user of your application typically requests a page, often via a button with something like “Sign In with Keap”. Your application then redirects them to our Accounts service with your Client Id to identify the request. The end user chooses the tenant they wish to grant access to, and are then redirected to your specified redirect URL with a POST that contains an Authorization Code. You may then render them a view showing that authorization was successful, etc.
At that point you can take that Authorization Code, your Client Id and Client Secret and perform a Token Request, which returns an Access Token (24h) and a Refresh Token (45d). Each time you need a new Access Token you will submit that Refresh Token for a Refresh Request, which will return a new Access Token and Refresh Token pair that you can persist.
Once you have an Access Token (or regenerate one via making a Refresh Request) you can use that as a Bearer Token in the Authorization Header of a call to our Keap APIs.
Well, that guide doesn’t explain that much. For example, it doesn’t have anything related to the signin.infusionsoft URL. I tried to hit that https://accounts.infusionsoft.com URL in those docs but same result. So, since the sign-in URL is nowhere, maybe I should focus on that account’s URL that you mention I should be redirecting to.