{"_id":"56ace30c5ac4060d00278664","category":{"_id":"56acd93a13ac890d001c3c82","__v":4,"pages":["56acdb1c13ac890d001c3c83","56ace30c5ac4060d00278664","56ace4611c09150d00a18379","56acebfb13ac890d001c3c8a"],"project":"56acd71213ac890d001c3c7a","version":"56acd71213ac890d001c3c7d","sync":{"url":"","isSync":false},"reference":false,"createdAt":"2016-01-30T15:39:38.798Z","from_sync":false,"order":1,"slug":"authorization","title":"Authorization"},"__v":5,"githubsync":"","project":"56acd71213ac890d001c3c7a","user":"56acd6caa040860d00ac94a2","parentDoc":null,"version":{"_id":"56acd71213ac890d001c3c7d","project":"56acd71213ac890d001c3c7a","__v":15,"createdAt":"2016-01-30T15:30:26.928Z","releaseDate":"2016-01-30T15:30:26.928Z","categories":["56acd71313ac890d001c3c7e","56acd8f113ac890d001c3c81","56acd8f95ac4060d0027865e","56acd93a13ac890d001c3c82","56ad20660ab3c00d00ce3347","56ad356a2a7860170013f714","56ad47eb0ab3c00d00ce334f","56afd523bc304a0d00ace1df","56b29a019621f20d00efb37e","56b657e11bc6970d009feee7","5845cc3c39950c1b002afe77","5845cde163c11b250037967e","5846efd45d064323007b17b4","588604da4674e32300efd160","588627882393d50f00f1322c"],"is_deprecated":false,"is_hidden":false,"is_beta":false,"is_stable":true,"codename":"","version_clean":"1.0.0","version":"1.0"},"updates":[],"next":{"pages":[],"description":""},"createdAt":"2016-01-30T16:21:32.789Z","link_external":false,"link_url":"","sync_unique":"","hidden":false,"api":{"settings":"","results":{"codes":[]},"auth":"required","params":[],"url":""},"isReference":false,"order":0,"body":"GameWisp uses [OAuth2](http://oauth.net/2/) as the main authorization mechanism for access to GameWisp channel and user data. This is a standard OAuth2 implementation that currently leverages the [authorization code grant flow](http://tools.ietf.org/html/rfc6749#section-1.3). \n\nIf future applications request/require it, additional grant flows may be added in the future.\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"Authorization Overview\"\n}\n[/block]\n1. [Generate a client ID and secret](https://gamewisp.readme.io/docs/api-authorization) for your application via GameWisp.\n2. Build a url to  [/oauth/authorize](https://gamewisp.readme.io/docs/oauthauthorize) and put it in a link on a page on your site.\n3.  Once the user clicks on that link, they’ll be directed to the [/oauth/authorize](https://gamewisp.readme.io/docs/oauthauthorize) endpoint on GameWisp.\n4. The user will either approve access to your app or decline. In either case, they’ll be redirected to the **redirect_uri** you specify with an authorization code (in the case of approval) or an error (in the case of denying access).\n5. If the user approved access, take the code parameter and use the [/oauth/token](https://gamewisp.readme.io/docs/oauthtoken) endpoint to receive an **access_ token** and a** refresh_token**.\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"What Next?\"\n}\n[/block]\nThe next step is to [Register Your Application](https://gamewisp.readme.io/docs/api-authorization).","excerpt":"A brief overview of how client and channel authorization works with the GameWisp API.","slug":"overview","type":"basic","title":"Overview"}

Overview

A brief overview of how client and channel authorization works with the GameWisp API.

GameWisp uses [OAuth2](http://oauth.net/2/) as the main authorization mechanism for access to GameWisp channel and user data. This is a standard OAuth2 implementation that currently leverages the [authorization code grant flow](http://tools.ietf.org/html/rfc6749#section-1.3). If future applications request/require it, additional grant flows may be added in the future. [block:api-header] { "type": "basic", "title": "Authorization Overview" } [/block] 1. [Generate a client ID and secret](https://gamewisp.readme.io/docs/api-authorization) for your application via GameWisp. 2. Build a url to [/oauth/authorize](https://gamewisp.readme.io/docs/oauthauthorize) and put it in a link on a page on your site. 3. Once the user clicks on that link, they’ll be directed to the [/oauth/authorize](https://gamewisp.readme.io/docs/oauthauthorize) endpoint on GameWisp. 4. The user will either approve access to your app or decline. In either case, they’ll be redirected to the **redirect_uri** you specify with an authorization code (in the case of approval) or an error (in the case of denying access). 5. If the user approved access, take the code parameter and use the [/oauth/token](https://gamewisp.readme.io/docs/oauthtoken) endpoint to receive an **access_ token** and a** refresh_token**. [block:api-header] { "type": "basic", "title": "What Next?" } [/block] The next step is to [Register Your Application](https://gamewisp.readme.io/docs/api-authorization).