Obtain access token

External applications could obtain a user authorized API token via the OAuth2 protocol. Before getting started, developers need to create their applications in App Management Console and configure a valid OAuth redirect URL. A registered Raindrop.io application is assigned a unique Client ID and Client Secret which are needed for the OAuth2 flow.

This procedure is comprised of several steps, which will be described below.

If you just want to test your application, or do not plan to access any data except yours account you don't need to make all of those steps.

Just go to App Management Console and open your application settings. Copy Test token and use it as described in Step 4.

get
Step 1: The authorization request

https://raindrop.io/oauth/authorize
Direct the user to our authorization URL with specified request parameters. — If the user is not logged in, they will be asked to log in — The user will be asked if he would like to grant your application access to his Raindrop.io data
Request
Response
Request
Query Parameters
redirect_uri
required
string
Redirect URL configured in your application setting
client_id
required
string
The unique Client ID of the Raindrop.io app that you registered
Response
307: Temporary Redirect
Check details in Step 2
User will be asked if he would like to grant your application access to his Raindrop.io data

Step 2: The redirection to your application site

When the user grants your authorization request, the user will be redirected to the redirect URL configured in your application setting. The redirect request will come with query parameter attached: code .

The code parameter contains the authorization code that you will use to exchange for an access token.

In case of error redirect request will come with error query parameter:

Error

Description

access_denied

When the user denies your authorization request

invalid_application_status

When your application exceeds the maximum token limit or when your application is being suspended due to abuse

post
Step 3: The token exchange

https://raindrop.io/oauth/access_token
Once you have the authorization code, you can exchange it for the access_token by doing a POST request to this URL
Request
Response
Request
Query Parameters
code
required
string
Code that you received in step 2
client_id
required
string
The unique Client ID of the Raindrop.io app that you registered
client_secret
required
string
Client secret
redirect_uri
required
string
Same redirect_uri from step 1
grant_type
required
string
authorization_code
Response
200: OK
{
"access_token": "ae261404-11r4-47c0-bce3-e18a423da828",
"refresh_token": "c8080368-fad2-4a3f-b2c9-71d3z85011vb",
"expires": 1209599768,
"token_type": "Bearer"
}
400: Bad Request
Occurs when code parameter is invalid
{"error": "bad_authorization_code"}

post
♻️ The access token refresh

https://raindrop.io/oauth/access_token
For security reasons access tokens (except "test tokens") will expire after two weeks. In this case you should request the new one, by calling POST request with such parameters:
Request
Response
Request
Query Parameters
client_id
required
string
The unique Client ID of your app that you registered
client_secret
required
string
Client secret of your app
grant_type
required
string
refresh_token
refresh_token
required
string
Refresh token that you get in step 3
Response
200: OK
{
"access_token": "ae261404-18r4-47c0-bce3-e18a423da898",
"refresh_token": "c8080368-fad2-4a9f-b2c9-73d3z850111b",
"expires": 1209599768,
"token_type": "Bearer"
}