OAuth 2.0 Flows

Authorization Code Flow

GET /authorize?response_type=code&client_id=CLIENT_ID
&redirect_uri=CALLBACK_URL&scope=read

1. User authorizes the application
2. Authorization code is returned
3. App exchanges code for token
4. Access token is issued

Client Credentials Flow

POST /token HTTP/1.1
Content-Type: application/x-www-form-urlencoded

grant_type=client_credentials
&client_id=CLIENT_ID
&client_secret=CLIENT_SECRET