Using CURL
Acquiring an access token using curl commands in the command line consists of two separate steps. First, you need to make an HTTP request to get an Authorization Response. Then, execute a curl command to exchange the received code for an access token.
External documentation. Learn more about Authorization Response - https://www.rfc-editor.org/rfc/rfc6749#section-4.1.2
Receiving authorization code (http)
- Open your browser and enter the following command in the search bar:
https://{your_timeline_instance}.com/api/auth/oauth/authorize?response_type=code&client_id={clientID}&redirect_uri={redirectURI}
Note. If you are using Proof Key for Code Exchange (PKCE) addition to the Authorization Code grant type, make sure to provide code_challenge and code_challenge_method parameters. Their values should correspond to the authorization flow configuration in your application or system.
External documentation. Learn more about PKCE - https://www.rfc-editor.org/rfc/rfc7636.
- Log in to your Timeline account in the usual form.
Note. If you are already logged in, this step will be skipped. - A dialog will appear, where an OAuth client registered in your Timeline account is asking for your consent to provide access to your Timeline account.
Make sure you are giving consent to the correct client. - Additionally, you can check and edit the scopes that will be granted after you finish the authentication process. To do it, click Manage the permissions. It will expand the permissions list where you can see the active scopes. If needed, you can unmark the checkboxes for the excessive scopes which you do not plan to use.
For details on existing scopes, see Scopes. - When everything is reviewed, click Allow to provide your consent and proceed with authentication.
Note. Clicking Deny will abort the authentication process. - You will receive a response like this, also in the search bar:
https://{your_timeline_instance}.com/open-api/1.0/oauth2-redirect.html?code={code}
- Copy the code value, the code is essential to proceed with the next step - requesting a token.
Requesting access token
Use the received authorization code to request an access token using a respective command, depending on your operating system:
On Windows
On Linux
9/5/2024 4:23:54 PM