# Seamless authorization (only for a standalone solution)

Authorize a client as follows:

1. Get the **Secret Key** and **Redirect URL** in the B2COPY Back Office. To do this:

* Go to **System** > **Settings** in the B2COPY Back Office.
* Navigate to the **Side Auth** section and copy values of the **Secret Key** and **Redirect URL** fields.

{% hint style="info" %}
If the **Secret Key** field is empty, enter a value in the field and save it.\
Please note that editing other fields on the **Settings** page and saving changes may reset the **Secret Key** field to empty. If this occurs, enter a value into the field again.
{% endhint %}

<figure><img src="https://1963181118-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FNxwcNnEuBTBq87kginPk%2Fuploads%2Fgit-blob-51ba539bda84a2e40d02adcb8caf11776637b7bc%2Fside-auth-section.png?alt=media" alt="Side Auth section in System > Settings"><figcaption><p>Side Auth section in System > Settings</p></figcaption></figure>

2. Use the following method to obtain the URL of the B2COPY Web UI to which a client from a third-party CRM must be redirected. The URL includes the token for client authorization in the B2COPY Web UI.

<mark style="color:blue;">`POST`</mark> `[host]/api/v1/standalone/auth/getAuthUrl`

## **Request**

**Body**

<table><thead><tr><th>Name</th><th width="99">Type</th><th width="90">Required</th><th>Description</th></tr></thead><tbody><tr><td><code>account_id</code></td><td>string</td><td>Yes</td><td>The MT login (number) of a client account.</td></tr><tr><td><code>secrete_key</code></td><td>string</td><td>Yes</td><td>The secrete key copied from the B2COPY Back Office.</td></tr><tr><td><code>investment_platform_id</code></td><td>string</td><td>Yes</td><td><p>The identifier of the investment platform instance.</p><ul><li>If only one MT server is connected to your B2COPY investment platform, specify 1.</li><li>If you have more than one MT server connected to your B2COPY investment platform, contact the Support team for assistance.</li></ul></td></tr></tbody></table>

**Request example**

```sh
curl --location --request POST 'https://host.name/api/v1/standalone/auth/getAuthUrl' \
--data-raw '{
  "account_id": "77632289",
  "secret_key": "Password1234!",
  "investment_platform_id": "1"
}'
```

## **Response**

The response includes the URL for redirecting the client to the B2COPY Web UI, with the included token for seamless client authorization. The URL format must be as follows: `https://{domain_name}/{token}`.

**Response example**

```sh
{
  "status": 200,
  "meta": {
      "behaviours": [],
      "status": 200
  },
  "data": {
      "url": "https://my4.b2copy-demo.com/f5f9470def7b9b9b96b2427a6ebbd8c2"
  },
  "modules": []
}
```