All requests to the Sync API must be authenticated and must include a valid access token. You can reuse an existing access token only if it is tagged with sync permission scope.
The sync scope controls whether you can perform a synchronization flow.
To authenticate your device for the Sync API, use the standard Authorization header using the Bearer authentication scheme to transmit the access token. We provide in-depth documentation for the OAuth 2.0 protocol.
Grant read-only access to all your data via the Sync API.
Start Synchronization Flow
To start a new synchronization flow you send a POST request to the /v2/sync/startStart Session endpoint.
As stated in the previous article you must provide a UUID for the device for which you want to perform synchronization via the X-Basecrm-Device-UUID header.
A device UUID is a string that you generate and then reuse across synchronization sessions. The UUID must not change. The Sync service uses this to track everything you acknowledge.
Authorization: Bearer $ACCESS_TOKEN
If you get a 204 response, there is nothing to download, and you can stop the flow.
HTTP/1.1 204 No Content
If you get a 201 response, there is data to synchronize.
The payload includes a session unique identifier you use to fetch data from queues later on, and an array of queues to synchronize. At this moment the queues array will include only a sinqle item - the main queue.
The queue object includes number of pages left and the number of elements to sychronize.