GuideCustom appsAPIPOST /oauth1/v1/access_token

The POST /oauth1/v1/access_token endpoint performs the final setup and validation of OAuth version 1 accounts. Information as received from the third party upon redirection to the previously posted callback_uri are sent to this endpoint, with other applicable account information, for final setup. The account is then validated and, if successful, the account is returned; if there is an error, it is to be raised appropriately.

The information that is sent to endpoint includes:

  • fields.access_token - request token granted during authorization step
  • fields.access_secret - request secret granted during authorization step
  • fields.callback_uri - callback uri that is used for user redirection
  • oauth_verifier - the verification code received upon accepting on third-party service consent screen.

Request body sample:

{
    "fields": {
        "access_token": "xxxx", // token value from authorize step
        "access_secret": "xxxxx", // secret value from authorize step
        "callback_uri": "https://oauth.vizydrop.com?state=xxxxx"
    },
    "oauth_verifier": "xxxxx"
}

Response can include any data that will be used to authenticate account and fetch information.

Tip: You can include parameters with refresh_token and expires_on and then on validate step proceed with access token refresh if it is expired or about to expire.

Response body sample:

{
    "access_token": "xxxxxx",
    "refresh_token": "xxxxxx",
    "expires_on": "2020-01-01T09:53:41.000Z"
}