New in the API: OAuth 2.0 for better account linking
Our mission at Tremendous is to make it as easy as possible for businesses to send money to people around the world.
That’s why one of our big projects in 2023 is improving and expanding integrations — so processes that happen in some other platform can automatically trigger a Tremendous payment.
The first step is improving how accounts at third parties get connected to Tremendous accounts, and that’s why the Tremendous API now supports OAuth 2.0.
You use OAuth 2.0 all the time even if you’ve never heard of it.
It’s what’s behind the familiar authorization window that pops up when you’re connecting two accounts to each other — when you use your Google account to log in to any number of SaaS platforms, or when you use Plaid to authorize a budgeting app to read your banking transaction, for instance.
With the Tremendous API, OAuth 2.0 lets a user allow a platform to act as an authorized user of their Tremendous account with just a few clicks.
The platform completely removes itself from handling the customer’s money, and can simply let Tremendous know when it’s time to send some of that money to someone.
Here are a few ways platforms integrated with Tremendous are now using OAuth 2.0:
Panelfox triggers a payment to participants of their users’ studies once they’ve completed their participation
Friendbuy uses OAuth 2.0 to trigger a 3rd party gift card when a customer successfully refers a friend
Loudcrowd triggers a payment when a customer of their users’ brands win a giveaway or content challenge
This is how OAuth 2.0 works with Tremendous (inspired by a great graphic by Dropbox):
While this sort of platform integration has always been possible, OAuth 2.0 is just better. To date, access to Tremendous accounts has been authorized through API keys, which are more burdensome to set up for both the platform and the customer.
If you're issuing Tremendous payments on behalf of your users via our API keys, we strongly encourage you to upgrade your connection to OAuth 2.0 — it’s a one-time shift that’s better for your users and your own security posture.
Cool, first step done.
Yay us, yay you (if you’re a platform or the user of one).
What’s next?
Our team is already hard at work building and planning the integrations many of our customers and prospects have asked for, starting with Zapier. Much more on that soon!