The web application flow to authorize users for your app is:
|client_id||string||Required. The client ID you received from AmanzMe when you register your app.|
|redirect_url||string||The URL in your application where users will be sent after authorization.|
|response_type||string||The type of response wanted. Use code as the default.|
|state||string||An unguessable random string. It is used to protect against cross-site request forgery attacks.|
If the user accepts your request, AmanzMe redirects back to your site with a temporary code in a code parameter as well as the state you provided in the previous step in a state parameter. The temporary code will expire after 10 minutes. If the states don't match, then a third party created the request, and you should abort the process.
Exchange this code for an access token:
|client_id||string||Required. Required. The client ID you received from AmanzMe for your OAuth App.|
|client_secret||string||Required. The client secret you received from AmanzMe for your OAuth App.|
|code||string||Required. The code you received as a response to Step 1.|
|redirect_url||string||The URL in your application where users are sent after authorization.|
|state||string||The unguessable random string you provided in Step 1.|
The access token allows you to make requests to the API on a behalf of a user.
Authorization: token OAUTH-TOKEN
For example, in curl you can set the Authorization header like this:
curl -H "Authorization: token OAUTH-TOKEN" url