Find file
Fetching contributors…
Cannot retrieve contributors at this time
47 lines (28 sloc) 1.72 KB


POST oauth/access_token


Allows a Consumer application to exchange an OAuth Request Token for an OAuth Access Token, which can be used to access protected resources on behalf of the user. This method fulfills Section 6.3 of the OAuth 1.0 authentication flow.

The OAuth Access Token may also be used for xAuth operations.

Requires authentication

OAuth Request Token received using the request_token method. Requires oauth_verifier when using authorize in authentication workflow.

Note that this request must be signed with a Request Token even when using the xAuth workflow.


Standard oAuth workflow:

  • oauth_callback (required) — A valid URL on the Consumer side the user should be redirected to once they authorize the request.

xAuth workflow:

  • x_auth_mode (required) — xAuth modificator. Recognized values: 'client_auth'.
  • x_auth_username (required) — The username or email address of the user to obtain a token for.
  • x_auth_password (required) — The password of the user for which to obtain a token for.

Return format

Text, containing an query string-encoded list of OAuth parameters.

  • oauth_token — An Access Token
  • oauth_token_secret — An Access Token's Secret


  • 401 Invalid OAuth Request — Request for the token was malformed or uses an unknown OAuth version