Please keep in mind that authenticating with authorization code only works on client that have a redirect URL configured.
If you want to get an access token for a client that doesn't have a redirect URL configured, use this method with client fortnitePCGameClient and then use exchange code authentication to get another access token for the new client.
-
Choose the client you want to get an access token for from the auth clients list
-
Open https://www.epicgames.com/id/api/redirect?clientId=:clientId&responseType=code in a browser (make sure you are logged in with epicgames.com), replacing
:clientIdwith the chosen client ID -
Send a
POSTrequest to https://account-public-service-prod.ol.epicgames.com/account/api/oauth/token:
Required headers:Content-Type: application/x-www-form-urlencodedAuthorization: basicclientId:secret(encoded in Base64, list of clients here)
Body:
grant_type: authorization_codecode: (the code from the query string of the redirect response)
If done successfully, you should now have an access token that you can use to access Epic's services!
Here's what the final HTTP request should look like when you have generated an authorization code - for this example, I am authenticating with fortnitePCGameClient:
POST https://account-public-service-prod.ol.epicgames.com/account/api/oauth/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Authorization: basic ZWM2ODRiOGM2ODdmNDc5ZmFkZWEzY2IyYWQ4M2Y1YzY6ZTFmMzFjMjExZjI4NDEzMTg2MjYyZDM3YTEzZmM4NGQ=
grant_type=authorization_code&code=(code from before)