oAuth Authorisation process

We use the oAuth 2.0 Implicit workflow to grant access tokens.

Create the oAuth request

In your app, provide a Login button that makes a request, as follows.

GET https://api.tiny.plus/oauth/authorize

This will present a login screen and a permission screen to the user.

Name Type Description

Name	Type	Description
response_type	string	Set this to `token`.
client_id	string	Your app's `client_id`, provided by tiny+.
redirect_uri	string	Provide the full URI for redirection at the conclusion of the auth flow.
scope	string	Set this to `read` or `readwrite`, depending on your requirements.
state	string	Provide a CSRF token that we will provide back to you at the end of the auth flow. This helps protect your users from man in the middle attacks.

response_type

string

Set this to token.

client_id

string

Your app's client_id, provided by tiny+.

redirect_uri

string

Provide the full URI for redirection at the conclusion of the auth flow.

scope

string

Set this to read or readwrite, depending on your requirements.

state

string

Provide a CSRF token that we will provide back to you at the end of the auth flow. This helps protect your users from man in the middle attacks.

https://[yoururl]?token_type=Bearer&expires_in=[TTL]&access_token=[your access token]&state=[your provided CSRF token]

Last updated 4 years ago