This is assuming you have a client_id and a client_secret for your app. If you don't have one, please go create an app at the Developer Dashboard
The munzee player needs to allow your app to access the munzee platform on his behalf. Guide the munzee player to
with the client ID listed in the developer dashboard. The scope parameter excepts a space-separated list of scopes that are allowed for your app and that should be applied to the token (in most cases this is just read
like in the example). Also the redirect_uri has to be the same as what you set up at the developer dashboard. If your app needs any state information passed through the process, you can use the state
parameter for this. Otherwise it can be omitted.
The user will be presented with a webpage to allow your app to access their munzee information. The player may have to login to their munzee account to see the approval page.
If the user clicks "Allow Access", they will be redirect to the URI that was set up with your application. The request will look something like this, assuming that the URI you provided was https://myfancymunzeeapp.org/handle_oauth
will be empty if you did not use it in step 1.
You will now have to use the code parameter from step 3 along with your client ID and secret to request the bearer token for the user.
curl -X POST --data "client_id=yourclientid&client_secret=yourclientsecret&grant_type=authorization_code&code=JkEQQmjgbPavmqtJtbYEyAD7lYAMYLKBEZhlfeTn&redirect_uri=https://myfancymunzeeapp.org/handle_oauth" https://api.munzee.com/oauth/login
You will get a response similar to
The access_token returned is the bearer token.
If the access token has expired (check the received “expires” timestamp), the application has to request a new access token. You can accomplish this by going back to step 1, or using the refresh token from step 5. The refresh token is valid for 3 months.
curl -X POST --data "client_id=yourclientid&client_secret=yourclientsecret&grant_type=refresh_token&refresh_token=yourrefreshtoken" https://api.munzee.com/oauth/login
You are ready to start making successful API calls using the Bearer token! Start looking at our docs
* Using cURL for the authentication process as we did in the examples above is not a requirement. You can use any language or framework that is able to fire HTTP requests.