API Help

OAuth

You can use redguy.ru as an OAuth provider with several authentication/authorization flows. To access resources of redguy.ru, a client should obtain an access token. The flow that the client may use depends on:

  • The type of resources needed

  • The type of client application

OAuth 2.0 Endpoints

Authorization endpoint: https://redguy.ru/oauth/authorize

Token endpoint: https://api.redguy.ru/v1/auth/oauth/code

User info endpoint: https://api.redguy.ru/v1/users/get

Application token endpoint: https://api.redguy.ru/v1/token/issue

Scopes

| Scope | Description |
|-------|-------------|
| 1 | Identify user |
| 2 | Get user email address |

Glossary

Application id - Unique identifier of your application. You can get it in the developer panel at redguy.ru/dev

Application secret - Secret key of your application. You got it when you created your application.

Scope - A list of permissions that the application requests. The user will see this list when they log in to the application.

Application redirect URI - The address to which the user will be redirected after successful authorization. You can set it via a support request.

Allowed flows

| Application | Flow | Required parameters | Description |
|-------------|------|---------------------|-------------|
| Web application without server | Implicit Flow | application id | Handle the request with grants in the browser |
| Web application with server | Authorization Code Flow | application id, application secret | Handle request on server |
| Mobile application | Authorization Code Flow with refresh token | application id, application secret | Handle request on server |
| Server application | Application Token Flow | application id, application secret | |

Implicit Flow

Client is public. Typically JavaScript code running in a browser.

  1. Redirect user to the authorization endpoint:

    https://redguy.ru/oauth/authorize?response_type=token&client_id=<application id>&redirect_uri=<application redirect URI>&scope=<scope>&state=<state>
  2. After successful authorization, the user will be redirected to the application redirect URI with the access token in the URL:

    https://<application redirect URI>#access_token=<access token>&token_type=bearer&expires_in=<expires in>&state=<state>

Authorization Code Flow

Client is confidential. Typically a server-side application.

  1. Redirect user to the authorization endpoint:

    https://redguy.ru/oauth/authorize?response_type=code&client_id=<application id>&redirect_uri=<application redirect URI>&scope=<scope>&state=<state>
  2. After successful authorization, the user will be redirected to the application redirect URI with the authorization code in the URL:

    https://<application redirect URI>?code=<authorization code>&state=<state>
  3. Exchange the authorization code for an access token:

    POST /v1/auth/oauth/code HTTP/1.1
    Host: api.redguy.ru
    Content-Type: application/x-www-form-urlencoded

    grant_type=authorization_code&code=<authorization code>&client_id=<application id>&client_secret=<application secret>&redirect_uri=<application redirect URI>
  4. The server will respond with the access

    { "access_token": "<access token>", "token_type": "bearer", "expires_in": <expires in> }
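
The server side of the Authorization Code Flow steps above, as an added example (not redguy.ru's own code): it binds `state` to the user's session, rejects a callback whose `state` does not match, and builds the token request without sending it. The function names, the dict used as a session, and the sample application id, redirect URI and scope value are constructed assumptions.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

AUTHORIZE_URL = "https://redguy.ru/oauth/authorize"
TOKEN_URL = "https://api.redguy.ru/v1/auth/oauth/code"

def build_authorize_url(app_id, redirect_uri, scope, session):
    # Step 1: fresh unguessable state, stored server-side for this user only.
    state = secrets.token_urlsafe(32)
    session["oauth_state"] = state
    query = urlencode({
        "response_type": "code",
        "client_id": app_id,
        "redirect_uri": redirect_uri,
        "scope": scope,
        "state": state,
    })
    return f"{AUTHORIZE_URL}?{query}"

def handle_callback(callback_url, session):
    # Step 2: accept the code only if state matches what this session issued.
    params = parse_qs(urlsplit(callback_url).query)
    expected = session.pop("oauth_state", None)  # single use: replays fail
    received = params.get("state", [""])[0]
    # Compare as bytes in constant time; a missing stored state always fails.
    if not expected or not hmac.compare_digest(expected.encode(), received.encode()):
        raise ValueError("state mismatch: discard the authorization code")
    codes = params.get("code", [])
    if len(codes) != 1:
        raise ValueError("callback does not carry exactly one code")
    return codes[0]

def build_token_request(code, app_id, app_secret, redirect_uri):
    # Step 3: form body for POST to TOKEN_URL. Send it from the server only,
    # so the application secret never reaches the browser.
    return TOKEN_URL, urlencode({
        "grant_type": "authorization_code",
        "code": code,
        "client_id": app_id,
        "client_secret": app_secret,
        "redirect_uri": redirect_uri,
    })

if __name__ == "__main__":
    sess = {}  # constructed stand-in for a server-side session store
    print(build_authorize_url("12345", "https://app.example/cb", "1", sess))
```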

Authorization Code Flow with refresh token

Currently available only with support request.

Application Token Flow

Client is confidential. User is not involved. Typically a server-side application.

  1. Request an application token:

    POST /v1/token/issue HTTP/1.1
    Host: api.redguy.ru
    Content-Type: application/json

    {
      "app": <application id>,
      "secret": md5(<application secret> + <timestamp>),
      "ts": <timestamp>,
      "scope": <scope>,
      "name": <token name>
    }
  2. The server will respond with the access

    { "code": 0, "comment": "OK", "response": { "id": <token id>, "token": "<access token>" } }
Last modified: 28 September 2024