<!DOCTYPE html> <html> <head> <title>Product Hunt API: OAuth User Authentication</title><link rel="canonical" href="https://api.producthunt.com/v2/docs/oauth_user_authentication/oauth_authorize_ask_for_access_grant_code_on_behalf_of_the_user" /><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><meta name="description" content="oauth#authorize - Ask for access grant code on behalf of the user" /><meta property="fb:app_id" content="1467820943460899" /><meta name="twitter:card" content="summary_large_image" /><meta name="twitter:site" content="@producthunt" /><meta name="twitter:title" content="Product Hunt API: OAuth User Authentication" /><meta name="twitter:description" content="oauth#authorize - Ask for access grant code on behalf of the user" /><meta name="twitter:image" content="https://url2png.producthunt.com/v6/P5329C1FA0ECB6/c51c5460c7da327a9caa0e9b7918694f/png/?url=https%3A%2F%2Fapi.producthunt.com%2Fv2%2Fdocs%2Foauth_user_authentication%2Foauth_authorize_ask_for_access_grant_code_on_behalf_of_the_user" /><meta name="twitter:creator" content="@producthunt" /><meta property="og:site_name" content="Product Hunt" /><meta property="og:title" content="Product Hunt API: OAuth User Authentication" /><meta property="og:type" content="article" /><meta property="og:image" content="https://url2png.producthunt.com/v6/P5329C1FA0ECB6/c51c5460c7da327a9caa0e9b7918694f/png/?url=https%3A%2F%2Fapi.producthunt.com%2Fv2%2Fdocs%2Foauth_user_authentication%2Foauth_authorize_ask_for_access_grant_code_on_behalf_of_the_user" /><meta property="og:description" content="oauth#authorize - Ask for access grant code on behalf of the user" /><meta property="og:locale" content="en_US" /><meta property="og:url" content="https://api.producthunt.com/v2/docs/oauth_user_authentication/oauth_authorize_ask_for_access_grant_code_on_behalf_of_the_user" /> <link rel="stylesheet" href="https://assets.producthunt.com/assets/api-28c3d5660dbcc50ab5eaff0ff6c5a951e20723a3de29d99e14fe7836eab9e774.css" media="all" /> <script src="https://api.producthunt.com/jquery-3.6.0.min.js"></script><script src="https://api.producthunt.com/jquery-ujs-1.2.3-rails.js"></script> <meta name="csrf-param" content="authenticity_token" /> <meta name="csrf-token" content="viP5lpr3PFG9Uu8jID7FN1qpAQslxu-itWYaN8kfcwu4PbkEMta8wW9gCX7z0OjfNd4YejphhdkXP2Ha5pPufg" /> <meta name="viewport" content="width=device-width, initial-scale=1, minimum-scale=1"> </head> <body> <header class="api-docs-header"> <div class="container"> <a class="api-docs-header--logo" href="https://www.producthunt.com"> <svg width="40" height="40" viewbox="0 0 40 40" xmlns="http://www.w3.org/2000/svg"><g fill="none" fill-rule="evenodd"><path d="M40 20c0 11.046-8.954 20-20 20S0 31.046 0 20 8.954 0 20 0s20 8.954 20 20" fill="#DA552F"></path><path d="M22.667 20H17v-6h5.667c1.656 0 3 1.343 3 3s-1.344 3-3 3m0-10H13v20h4v-6h5.667c3.866 0 7-3.134 7-7s-3.134-7-7-7" fill="#FFF"></path></g></svg> <h1 class="api-docs-header--logo--title">Product Hunt</h1> </a> <a class="api-docs-header--api" href="/v2/oauth/applications">API dashboard</a> </div> </header> <main class="page-main"> <div class="main-content"> <div class="container p-api-v1-docs"> <ul class="api--sidenav"> <li class="api--sidenav--heading"> <a href="/v2/docs">Welcome to the API</a> </li> <li> <li class="api--sidenav--heading"> <a href="#" data-collapsing-navigation-target="OAuth User Authentication"> OAuth User Authentication </a> </li> <ul class="api--sidenav--subnav m-active" data-collapsing-navigation="OAuth User Authentication"> <li> <a target="" href="/v2/docs/oauth_user_authentication/oauth_authorize_ask_for_access_grant_code_on_behalf_of_the_user">oauth#authorize - Ask for access grant code on behalf of the user</a> </li> <li> <a target="" href="/v2/docs/oauth_user_authentication/oauth_token_use_the_access_grant_code_you_received_through_the_redirect_to_request_an_access_token">oauth#token - Use the access grant code you received through the redirect to request an access token</a> </li> <li> <a target="" href="/v2/docs/oauth_user_authentication/oauth_test_add_the_access_token_as_header_to_any_request">oauth#test - Add the access_token as header to any request</a> </li> <li> <a target="" href="/v2/docs/oauth_user_authentication/unauthorized_oauth_oauth_test_invalid_access_tokens_will_lead_to_error_messages">unauthorized_oauth: oauth#test - Invalid access_tokens will lead to error messages</a> </li> </ul> </li> <li> <li class="api--sidenav--heading"> <a href="#" data-collapsing-navigation-target="OAuth Client Only Authentication"> OAuth Client Only Authentication </a> </li> <ul class="api--sidenav--subnav" data-collapsing-navigation="OAuth Client Only Authentication"> <li> <a target="" href="/v2/docs/oauth_client_only_authentication/oauth_token_ask_for_client_level_token">oauth#token - Ask for client level token</a> </li> <li> <a target="" href="/v2/docs/oauth_client_only_authentication/oauth_test_use_the_client_level_token_for_read_api_access">oauth#test - Use the client level token for read api access</a> </li> <li> <a target="" href="/v2/docs/oauth_client_only_authentication/unauthorized_oauth_oauth_test_invalid_access_to_user-level_content_with_just_an_client_level_token_will_lead_to_errors">unauthorized_oauth: oauth#test - Invalid access to user-level content with just an client level token will lead to errors</a> </li> </ul> </li> <li> <li class="api--sidenav--heading"> <a href="#" data-collapsing-navigation-target="GraphQL"> GraphQL </a> </li> <ul class="api--sidenav--subnav" data-collapsing-navigation="GraphQL"> <li> <a target="_blank" href="http://api-v2-docs.producthunt.com.s3-website-us-east-1.amazonaws.com/operation/query/">API Reference</a> </li> <li> <a target="_blank" href="https://ph-graph-api-explorer.herokuapp.com/">API Explorer</a> </li> </ul> </li> <li> <li class="api--sidenav--heading"> <a href="#" data-collapsing-navigation-target="Rate Limits"> Rate Limits </a> </li> <ul class="api--sidenav--subnav" data-collapsing-navigation="Rate Limits"> <li> <a target="" href="/v2/docs/rate_limits/headers">Headers</a> </li> </ul> </li> </ul> <div class="api--content"> <h2 class="resource-name"> OAuth User Authentication </h2> <h3> oauth#authorize - Ask for access grant code on behalf of the user </h3> <p class="explanation"> <ul> <li>You need to redirect your users to this endpoint <br> <em>https://api.producthunt.com/v2/oauth/authorize?client_id=[clientid]&redirect_uri=[where shall we redirect to?]&response_type=code&scope=public+private</em></li> </li> <li>Once they logged into producthunt and gave your app permission we send them back to <em>[redirect_uri]</em> together with an access_grant token as <em>code</em> parameter.</li> <li>Use this access_grant in the oauth#token step</li> </ul> <strong>Important:</strong> To write on behalf of the user you need to get your app <a href="mailto:hello@producthunt.com">approved by us</a>. Additionally you need to make sure you require `public`, `private` & `write` scopes. </p> <h3>Parameters</h3> <table class="table"> <tr> <th>Name</th> <th>Description</th> </tr> <tr> <td> client_id <span class="required">required</span> </td> <td> The id of your application </td> </tr> <tr> <td> redirect_uri <span class="required">required</span> </td> <td> Where shall we redirect the client afterwards to? </td> </tr> <tr> <td> response_type <span class="required">required</span> </td> <td> The parameter name of the request token that will be passed to your site, in case of doubt use `code` </td> </tr> <tr> <td> scope <span class="required">required</span> </td> <td> If you only require public information you want to use `public`. If you need private information of the logged-in user go with `public private`. If you have write access and want to update user information go with `public private write` </td> </tr> </table> <div class="api--request"> <h3>Request</h3> <h4>Route</h4> <pre>GET /v2/oauth/authorize?client_id=6b470306b04d50cdd028b5c6922f84d91ff0c3e617c8164ae0e04b03d6ebd655&amp;redirect_uri=http%3A%2F%2Fexample.org%2F&amp;response_type=code&amp;scope=public+private</pre> <h4>Headers</h4> <pre>Host: api.producthunt.com</pre> <h3>Response</h3> <h4>Status</h4> <pre>200 OK</pre> <h4>Headers</h4> <pre>X-Frame-Options: SAMEORIGIN X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Content-Type: text/html; charset=utf-8 ETag: W/&quot;73554857d650d89173a132a30b356691&quot; Cache-Control: max-age=0, private, must-revalidate Content-Length: 2326</pre> </div> </div> </div> </div> </main> <script> $('[data-collapsing-navigation-target]').click(function(e) { e.preventDefault(); var subgroup = $(e.target).data('collapsing-navigation-target'); $("[data-collapsing-navigation!='" + subgroup + "']").removeClass('m-active'); $("[data-collapsing-navigation='" + subgroup + "']").toggleClass('m-active'); }); </script> </body> </html>