Obtain access token

External applications could obtain a user authorized API token via the OAuth2 protocol. Before getting started, developers need to create their applications in App Management Console and configure a valid OAuth redirect URL. A registered application is assigned a unique Client ID and Client Secret which are needed for the OAuth2 flow.
This procedure is comprised of several steps, which will be described below.
If you just want to test your application, or do not plan to access any data except yours account you don't need to make all of those steps.
Just go to App Management Console and open your application settings. Copy Test token and use it as described in Make authorized calls.
Step 1: The authorization request
User will be asked if he would like to grant your application access to his data
Here example CURL request:
curl ""

Step 2: The redirection to your application site

When the user grants your authorization request, the user will be redirected to the redirect URL configured in your application setting. The redirect request will come with query parameter attached: code .
The code parameter contains the authorization code that you will use to exchange for an access token.
In case of error redirect request will come with error query parameter:
When the user denies your authorization request
When your application exceeds the maximum token limit or when your application is being suspended due to abuse
Step 3: The token exchange
Here an example CURL request:
curl -X "POST" "" \
-H 'Content-Type: application/json' \
-d $'{
"code": "c8983220-1cca-4626-a19d-801a6aae003c",
"client_id": "5e1c589cf6f48c0211311383",
"redirect_uri": "",
"client_secret": "c3363988-9d27-4bc6-a0ae-d126ce78dc09",
"grant_type": "authorization_code"
♻️ The access token refresh