Authentication API
/oauth/auth
Request an authorization code
Request an authorization code be sent to a predefined callback server. If scope if set to a specific userEmail, then only questions for that user will be retrievable and modifiable. Note the oauth methods do not use the standard response format.
Parameters
Name | Param Type | Data Type | Description |
---|---|---|---|
client_id | query | string | predefined client id |
scope | query | string | What scope should the code include. If set to a specific user Email in addition to read and write, then only questions for that user will be retrievable and modifiable |
redirect_uri | query | string | Optionally, can be set to one of the predefined callback servers to select the server that will be directed the code. If not set, the code will be directed to the first predefined server. |
Responses
Code | Description |
---|---|
200 |
OK |
404 |
Not found |
405 |
Method not allowed |
500 |
Error |
/oauth/token
Exchange an authorization code or refresh token
Exchange an authorization code or refresh token for an access token. This access token must be included in the Authorization header as:
Bearer 907c762e069589c2cd2a229cdae7b8778caa9f07
(for example) when requesting a protected resource. Note the oauth methods do not use the standard response format.
Parameters
Name | Param Type | Data Type | Description |
---|---|---|---|
client_id | body | string | predefined client id |
client_secret | body | string | predefined client id |
grant_type | body | string | authorization_code or refresh_token |
code | body | string | if grant type is set to authorization_code , then the code that oauth/authorize redirected |
refresh_token | body | string | if grant type is set to refresh_token , then the refresh token from a previous call to oauth/token |
scope | body | string | if grant type is set to refresh_token then the requested scope should also be included- note refresh requests do not support single user scopes |
Responses
Code | Description |
---|---|
201 |
Created { "access_token": "907c762e069589c2cd2a229cdae7b8778caa9f07", "expires_in": 3600, "refresh_token": "43018382188f462f6b0e5784dd44c36f476ccce6", "scope": “read write”, "token_type": "Bearer" } |
404 |
Not found |
405 |
Method not allowed |
500 |
Error |
/oauth/logout
Logs out the bearer access token
Logs out the bearer access token that is included in the authorization header. Note the oauth methods do not use the standard response format.
Parameters
No parameters.
Responses
Code | Description |
---|---|
200 |
OK |
401 |
Invalid Authorization Credentials |
405 |
Method not allowed |
500 |
Error |