Developers

Authentication API

GET
/oauth/auth

Request an authorization code

Request an authorization code be sent to a predefined callback server. If scope if set to a specific userEmail, then only questions for that user will be retrievable and modifiable. Note the oauth methods do not use the standard response format.

Parameters

Name Param Type Data Type Description
client_id query string predefined client id
scope query string What scope should the code include. If set to a specific user Email in addition to read and write, then only questions for that user will be retrievable and modifiable
redirect_uri query string Optionally, can be set to one of the predefined callback servers to select the server that will be directed the code. If not set, the code will be directed to the first predefined server.

Responses

Code Description
200 OK
404 Not found
405 Method not allowed
500 Error




POST
/oauth/token

Exchange an authorization code or refresh token

Exchange an authorization code or refresh token for an access token. This access token must be included in the Authorization header as:

Bearer 907c762e069589c2cd2a229cdae7b8778caa9f07

(for example) when requesting a protected resource. Note the oauth methods do not use the standard response format.

Parameters

Name Param Type Data Type Description
client_id body string predefined client id
client_secret body string predefined client id
grant_type body string authorization_code or refresh_token
code body string if grant type is set to authorization_code, then the code that oauth/authorize redirected
refresh_token body string if grant type is set to refresh_token, then the refresh token from a previous call to oauth/token
scope body string if grant type is set to refresh_token then the requested scope should also be included- note refresh requests do not support single user scopes

Responses

Code Description
201

Created


{
    "access_token": "907c762e069589c2cd2a229cdae7b8778caa9f07",
    "expires_in": 3600,
    "refresh_token": "43018382188f462f6b0e5784dd44c36f476ccce6",
    "scope": “read write”,
    "token_type": "Bearer"
}
404 Not found
405 Method not allowed
500 Error




GET
/oauth/logout

Logs out the bearer access token

Logs out the bearer access token that is included in the authorization header. Note the oauth methods do not use the standard response format.

Parameters

No parameters.

Responses

Code Description
200 OK
401 Invalid Authorization Credentials
405 Method not allowed
500 Error