OAuth API โ
Get App โ
prolog
GET API_BASE/apps/:app_idParameters โ
| Parameter | Type | Description |
|---|---|---|
app_id | string | The app ID. |
Response โ
json
{
"data": AppObject,
"ts": 1723923923
}Authorize โ
prolog
GET API_BASE/oauth/authorize?client_id=:client_id&redirect_uri=:redirect_uri&scope=:scope&state=:state&code_challenge=:code_challenge&code_challenge_method=:method&json=:jsonAuthorization Required โ
| OAuth | APIKey |
|---|---|
| Yes | Yes |
Query Parameters โ
| Parameter | Type | Description |
|---|---|---|
client_id | string | OAuth client ID. |
redirect_uri | string | Redirect URI (must match app config). |
scope | string | OAuth scope (e.g. user.public, post.write, credit.read). |
state | string | OAuth state value. |
code_challenge | string | PKCE challenge. |
code_challenge_method | string | S256 or plain (default: S256). |
json | string | true to return JSON instead of redirect. |
Response โ
- Redirects to
redirect_uriwithcodeandstateby default. - When
json=true, returns:
json
{
"data": {
"client_id": "app_id",
"redirect_uri": "https://...",
"url": "https://...",
"code": "...",
"state": "..."
},
"ts": 1723923923
}Scopes โ
| Scope | Description |
|---|---|
user.public | Read basic profile information for the user. |
user.full | Read full profile information for the user. |
post.write | Read and manage posts and related content. |
credit.read | Read credit balance and credit ledger entries. |
credit.full | Read credit balance and ledger, and consume credit. |
apikey.read | Read API keys and verify API key hashes. |
Token โ
prolog
POST API_BASE/oauth/tokenRequest Body (Form) โ
text
grant_type=authorization_code
client_id=...
redirect_uri=...
code=...
code_verifier=...For refresh:
text
grant_type=refresh_token
client_id=...
refresh_token=...Response โ
Returns raw JSON (no wrapper):
json
{
"access_token": "...",
"token_type": "Bearer",
"refresh_token": "...",
"expires_in": 2592000,
"expiry": "2025-04-19T00:00:00Z"
}UserInfo โ
prolog
GET API_BASE/oauth/userinfoAuthorization Required โ
| OAuth | APIKey |
|---|---|
| Yes | No |
Response โ
Returns raw JSON (no wrapper), in which sub is the pairwise OAuth user ID for the app and uuid is the user's global UUID. Email fields are present only when available.
json
{
"sub": "...",
"uuid": "...",
"name": "User Name",
"picture": "https://...",
"email": "user@example.com",
"email_verified": true
}Revoke App โ
prolog
DELETE API_BASE/oauth/apps/:app_idAuthorization Required โ
| OAuth | APIKey |
|---|---|
| Yes | Yes |
Response โ
json
{
"data": null,
"ts": 1723923923
}