Developer Center
Getting Started
Using Jobber’s API
Building Your App
Publishing Your App
App Template Project
Custom Integrations
Changelog

Manage App Button

If your app has a settings page or some other page to manage functionalities or recent syncs, you can use the Manage App URL field within our Developer Center to expose a new button to Jobber admin users from the App Marketplace listing. This button will only appear to Jobber admin users who are viewing your App Marketplace listing after their Jobber account has already been connected to your app. The Connect button will also automatically be replaced with a Disconnect button in this case.

The Manage App button on an App Marketplace listing will look like the screenshot below. If you would like to test any workflows involving either the Manage App or Disconnect buttons, it is strongly recommended that you contact [email protected] with your app's name and the email address of your Jobber testing account and ask that the app be made visible to your account for testing.

Manage app url

Typically apps built on Jobber's platform manage user authentication in one of two ways:

  1. The app has its own username/password login system and can tell who the authenticated user/account is via sign-in
  2. The app can only be accessed from Jobber's App Marketplace and the Manage App button is used to authenticate any users navigating to it after the initial connection has happened

If your app will be handling authentication using method 1 above, then the Manage App URL can simply be a URL to your application/website and will not need to utilize the Authorization Code mentioned below. For method 2, see the next section for recommended best practices.

Utilizing Manage App Button for User Authentication

If using this method, it is highly recommend that your app takes advantage of the user query in GraphQL (with no input arguments) to look up and store the userId of the Jobber user that originally connected your app. This is because this user cannot possibly be deactivated or downgraded in Jobber without your app being disconnected first. For this reason, it can be guaranteed that API access tokens and refresh tokens associated with this user will always be valid. The same cannot be guaranteed for any other admin users in Jobber that access your app via the Manage App button.

When any Jobber admin users click on the Manage App button to access your app, they will be redirected to your app's Manage App URL, along with an authorization code in the query string, in a very similar manner to step 3 of the Authorization Code Flow.

Your app can then subsequently redeem the authorization code, which will then generate a new API access token and refresh token, regardless of whether Refresh Token Rotation is enabled or not. It should be noted that any previously issued API access tokens for that user will continue to remain valid for their 60 minute expiration period, but any previously issued Refresh tokens will be invalidated.

At this point it is highly recommended to use the user query (with no input arguments specified) in Jobber's API to determine the userId of the admin user that just accessed your app. If it is the same user that originally connected your app, then the API access token and refresh token that your app has saved for that account should be adjusted. If it is not the original app-installing user, then we recommend that the newly issued access token and refresh token should be discarded (unless required for a special use case) and that your app continue to use the original refresh token from the app-installing user. This will prevent any possible issues from other admin users accessing your app being deactivated in Jobber later.