The Authorization Code is an OAuth 2.0 grant that can be used to get short term access tokens and long term refresh tokens to access APIs on a user's behalf.
In this tutorial we will work through the steps needed in order to get the user's authorization and get a token required to access subsequent API calls.
Steps
- Create an app on App Registration Portal.
- Select authentication method as Authorization Code Flow.
- Add your auth callback url
Redirect URIsto your application url example:https://YOUR_SERVER.com/auth_callback. - Save the app.
- Generate the
client_secretfrom the app.
Token lifetime
- Access token expiration: 21600 seconds (6 hours)
- Refresh token expiration: 15552000 seconds (6 months)
- Refresh token sliding: yes
- Authorization code expiration: 600 seconds
Get the authorization code and token
Refer to the Authorization Code Flow documentation for more details.