Zipwire integration - OAuth and sandbox isolation

Hello

I’m a developer integrating Zipwire so freelancers can invoice via FreeAgent. I need to setup fake contacts, projects, products and send invoices just for testing.

So I have setup Zipwire as an application in the live system and have my client ID and secret for OAuth. And I have also setup my business in the sandbox as if a customer SME using FreeAgent for accounting.

I’m unsure of the relationship between my live OAuth app and the sandbox.

- Do I need to register Zipwire again as a separate OAuth app in FreeAgent Sandbox (different from the live one)? If I need to register again, then where do I go?

- Or should I use my live Zipwire OAuth app credentials, and then use sandbox URLs for auth endpoint, token endpoint and eventual API calls? Or just for API calls?

Thanks

Luke

Follow-up / resolution

I managed to get the OAuth flow working for my sandbox SME business. Not used the API anmy further yet but this works:

Summary for anyone doing the same:

• One OAuth app: Register Zipwire once in the live FreeAgent system as an application. Use that single client ID and client secret everywhere (sandbox and live).

• Sandbox = URLs + sandbox account:

• Use sandbox base URLs for the OAuth endpoints (authorize, token) and for all API calls when testing.

• Use a sandbox FreeAgent account (your “customer” SME) to sign in and grant access.

• You do not register Zipwire again as a separate app in the sandbox. Same live app credentials + sandbox URLs + sandbox user/business = isolated testing without touching live data.