Not logged in
Sign in
Authentication is provided via OAuth 2, draft 13.
At present, only the code and token authorization response types are supported.
Client IDs have secrets, which must be passed for code token exchange requests.
Issued tokens are bearer tokens with no secret and no expiry.
Refresh tokens are not supported.
Possible scopes are explained here.
http(s)://api.glitch.com/oauth2/authorizehttp(s)://api.glitch.com/oauth2/tokenYou'll need to obtain a client ID to use OAuth 2.
Demo code showing how to implement both server-side and client-side auth is provided on GitHub. You can see it in action here.