OAuth2 support allows you to use Reddit to authenticate on non-Reddit websites.
First you need an application id and secret so Reddit knows your application. You get this information by going to https://ssl.reddit.com/prefs/apps and clicking "are you a developer? create an app..."
Most of the fields don't matter much, just give it a reasonable name and description. The most important thing is the redirect uri, this should be a URL where you plan to host the script that users are redirected to after allowing access.
The part underlined in red is your consumer key (also called the client id), and the part in blue is your consumer secret (also called the client secret. You should never share this.) Hold on to them because you'll need them to write your app later.
This is information that you'll need in addition to your consumer key and secret to set up an OAuth app:
https://ssl.reddit.com/api/v1/authorize(Also known as the authorization endpoint)
https://ssl.reddit.com/api/v1/access_token(Also known as the token endpoint)
The authorization url is where you send a user's browser, so they can grant limited access to their account to your application. If the user grants access, they are redirected to your redirect uri with a code. Your app then makes a call to the access token url, using the code it received, to obtain the access token. Note that the request to the access token url must use Basic HTTP authentication with the consumer key as the username and the consumer secret as the password. If you do not provide the authentication header, or the information is incorrect, then you will receive an HTTP 401 Unauthorized response.
Once your app receives an access token, it can use it on the https://oauth.reddit.com domain to make API calls as that user (until the token expires or is revoked by the user). Note the different domains involved:
In addition to the standard authorization parameters (response_type, client_id, redirect_uri), you may specify these additional parameters that may be important to the development and usage of your application:
Here is example code on using OAuth in various languages:
Right now not quite all of the Reddit API is available to OAuth clients. Permanent tokens are now available.
You can look at the Reddit API documentation page to see if a particular API has oauth support.
Last edited by Keith Mitchell,