AgLeader

​

Prerequisites

1. An AgLeader developer account. Create an account.
2. Your application’s publicKey and privateKey from AgLeader.
3. A grower’s refreshToken obtained through the AgLeader OAuth consent flow.

​

Setup steps

1. Complete the AgLeader OAuth flow to obtain a refreshToken for the grower’s account.
2. POST the credentials to Leaf:

curl -X POST \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    -H 'Content-Type: application/json' \
    -d '{
      "refreshToken": "grower-refresh-token",
      "publicKey": "your-public-key",
      "privateKey": "your-private-key"
    }' \
    'https://api.withleaf.io/services/usermanagement/api/users/{leafUserId}/ag-leader-credentials'

3. Leaf validates the token and begins syncing. Check credential status with GET /users/{leafUserId}/ag-leader-credentials.

​

Credentials schema

{
  "id": "uuid",
  "status": "str",
  "createdTime": "yyyy-MM-dd'T'HH:mm:ss.SSSSSS'Z'",
  "accessToken": "str",
  "refreshToken": "str",
  "publicKey": "str",
  "privateKey": "str"
}

​

Endpoints

​

Troubleshooting

curl -X GET \
    -H 'Authorization: Bearer YOUR_TOKEN' \
    'https://api.withleaf.io/services/usermanagement/api/users/{leafUserId}/ag-leader-credentials/events'

• Status changes to invalid: The grower may have revoked access or tokens expired. Have the grower re-authorize through the AgLeader OAuth flow.
• Key mismatch: Verify that the publicKey and privateKey are from the same AgLeader application registration.

​

What to do next

• Connect AgLeader Tutorial — Step-by-step walkthrough.
• Provider Authentication Overview — How provider credentials work across all providers.
• API Reference: Providers — Full endpoint reference for provider credentials.