Skip to main content
Leaf connects to Lindsay FieldNET using OAuth 2.0 credentials. Once connected, Leaf syncs irrigation activity data for the Leaf user.

Prerequisites

  1. A Lindsay developer account with API access.
  2. Your application’s clientId and clientSecret from Lindsay.
  3. A grower’s refreshToken obtained through the Lindsay OAuth 2.0 consent flow.
  4. The clientEnvironment for your integration: STAGE or PRODUCTION.

Credentials schema

FieldTypeRequiredDescription
clientIdstringYesYour Lindsay application client ID.
clientSecretstringYesYour Lindsay application client secret.
refreshTokenstringYesThe grower’s OAuth refresh token.
clientEnvironmentstringYesSTAGE or PRODUCTION.

Endpoints

MethodPathDescription
GET/users/{leafUserId}/lindsay-credentialsGet stored credentials.
POST/users/{leafUserId}/lindsay-credentialsCreate credentials.
DELETE/users/{leafUserId}/lindsay-credentialsDelete credentials.
GET/users/{leafUserId}/lindsay-credentials/eventsGet credential events for troubleshooting.
Base URL: https://api.withleaf.io/services/usermanagement/api

Create credentials

curl -X POST \
  -H 'Authorization: Bearer YOUR_TOKEN' \
  -H 'Content-Type: application/json' \
  -d '{
    "clientId": "your-client-id",
    "clientSecret": "your-client-secret",
    "refreshToken": "grower-refresh-token",
    "clientEnvironment": "PRODUCTION"
  }' \
  'https://api.withleaf.io/services/usermanagement/api/users/{leafUserId}/lindsay-credentials'

Response

{
  "id": "uuid",
  "status": "str",
  "createdTime": "2026-01-15T12:00:00.000000Z",
  "tokenMetadata": { "scopes": ["str"] },
  "clientId": "your-client-id",
  "clientSecret": "your-client-secret",
  "clientEnvironment": "PRODUCTION",
  "accessToken": "str",
  "refreshToken": "grower-refresh-token"
}

Troubleshooting

Use the events endpoint to check credential health. Events are retained for 30 days and are deleted when the credential is removed. 
GET /users/{leafUserId}/lindsay-credentials/events

What to do next

Last modified on March 19, 2026