To enable access to the Orcabase API, you must first register your developer app with Triple Whale, along with the user accounts you wish to grant access to. This process provides the credentials needed to authenticate and authorize API requests on behalf of your registered users.
Step 1: Access the Developer Portal
- Visit the Triple Whale Developer Portal.
- Sign in with your existing account or create a new one.
Step 2: Register a New Developer App
Complete the registration form with the following details:
- App Brand (Logo): Upload a logo to represent your app.
- App Name: Provide a unique and identifiable name for your app (e.g.
Example App). - App Link: Enter a link to your app or company website (e.g.
example-app.com. - Redirect URIs: Add one or more redirect URIs where your users will be directed after granting permissions (e.g.
example-app.com/callback. - Select Providers: Select one or more providers that your users will be able to connect with (e.g. Facebook, Google, TikTok, Shopify).
Step 3: Receive Your App Credentials
After submitting the form, you will receive the following credentials displayed once in the UI, as well as via email:
client_id: A unique identifier for your app.client_secret: A secure key used to authenticate API requests. These credentials are displayed only once, so make sure to copy and save them securely.
Step 4: Register User Accounts
Now that your App has been registered, you can add your users' accounts either via the Register Account flow, or via the /register-account API endpoint. For each user account you wish to register, you will need to provide the following:
- Account ID: Your user's unique account ID (e.g.
example-user-account). Must be globally unique. Recommended to use the same unique user ID as in your existing systems. - Account Name: Your user's account name (e.g.
Example User Account). - Timezone: Your user's account timezone.
- Currency: Your user's account currency.
Best Practices
- Redirect URIs: Ensure these match exactly with the URLs used in your app. Any mismatched URI will result in errors during the OAuth process.
- Secure Your Client Secret: Treat your
client_secretlike a password—store it securely and avoid exposing it in client-side code or public repositories. - Testing Environment: Use a test environment for initial integration and verify all API calls work as expected before going live.
Now that you have your app credentials and have registered user accounts, you can implement the user connection flow to authenticate your users and authorize API access.