OAuth 2.0

Start the authorization code flow

Picket's authorization server endpoint.

GEThttps://picketapi.com/api/v1/oauth2/authorize
Query parameters
Header parameters
Response

One or more arguments are invalid or required arguments are missing

Body
codeenum
invalid_requestinvalid_clientinvalid_grantunauthorized_clientunsupported_grant_type
msg*string

Human-readable text providing additional information

Request
const response = await fetch('https://picketapi.com/api/v1/oauth2/authorize?response_mode=code&client_id=a771a1923bd403603831a2425df818a4&redirect_uri=https%3A%2F%2Fredirect.example.com%2Fcb&state=xyz&code_challenge=E9Melhoa2OwvFrEMTJguCHaoeK1t8URWbuGJSstw-cM&code_challenge_method=S256', {
    method: 'GET',
    headers: {
      "User-Agent": "text"
    },
});
const data = await response.json();
Response
{
  "code": "invalid_request",
  "msg": "text"
}

Request a new access token.

Specification

The OAuth 2.0 token endpoint used in two cases:

  • Authorization Code Grant with the [PKCE extension
  • Resource Owner Password Credentials, adapted for wallet-based authentication
POSThttps://picketapi.com/api/v1/oauth2/token
Header parameters
Body
TokenRequest (one of)
Response

New access token generated.

Body
accessToken*string

The access token value

tokenType*enum

Type of the token is set to "Bearer"

Bearer
expiresIn*integer (int32)

The lifetime in seconds of the access token

Request
const response = await fetch('https://picketapi.com/api/v1/oauth2/token', {
    method: 'POST',
    headers: {
      "User-Agent": "text",
      "Content-Type": "application/x-www-form-urlencoded"
    },
    body: JSON.stringify("grant_type=authorization_code& code=2addb9e34dcc427f05fefcb045327e8a& redirect_uri=https%3A%2F%2Fredirect.example.com%2Fcb& code_verifier=dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk"),
});
const data = await response.json();
Response
{
  "accessToken": "text",
  "tokenType": "Bearer"
}
PreviousContractsNextSign-In with Wallet (React)

Last updated