OAuth Information

ATLauncher allows you to authorize users who have ATLauncher Admin accounts using OAuth 2.

Getting Credentials

At the moment this system is closed off so you won't be able to get client/secret id's to use this. Once we're finished testing and implementing everything, this will change.

Authorization

To get a client token for a user you must redirect the user to the following url:

  https://admin.atlauncher.com/oauth/authorize?client_id=(client id here)&redirect_uri=(redirect url here)&response_type=code&scope=(comma separated scope/s here)

This will prompt the user to login/authorize the your application and show them the scope of your access.

If authorized it will redirect back to your redirect url with a GET code paramater which you must then make a POST request to the following url:

  https://admin.atlauncher.com/oauth/access_token

And it must contain the following POST data:

  client_id (the client id of your application)
  client_secret (the secret id of your application)
  code (the code GET parameter from above)
  grant_type (this should be set to 'authorization_code')
  redirect_uri (the redirect url of your application)

If the request and code is valid you'll receive a JSON response like the following:

  {
      "access_token": "YS9M8ySAIyLs6PqDM6XT7GMIXaJHwny4sjp7EIUr",
      "token_type": "Bearer",
      "expires_in": 3600
  }

Scopes

Below you can find the scopes you can use and what they provide:

verify: Verifies a users account. Doesn't give you any information, used merely to check account or access oauth protected endpoints.

oauth/information.txt · Last modified: 2016/02/08 16:12 (external edit)