This document is translated by the community. You can contribute on Crowdin. We appreciate your cooperation 🙏.
Obtaining an Access Token via MiAuth
To get an access token for users (hereinafter simply referred to as "users") who will use your application, follow these steps:
The method described below is called MiAuth, which allows instant access token issuance without creating an app.
Step 1
Generate a UUID. This will be used as the Session ID.
Generate a new session ID each time and do not reuse them.
Step 2
Display the application authentication form in the user's browser. You can open the authentication form using a URL in the following format:
https://{host}/miauth/{session}
Here,
- Replace
{host}
with the user's server host. Usually, the host is input by the user. - Replace
{session}
with the session ID.
You can also set several options as query parameters in the URL:
Name | Description |
---|---|
name | The name of the application. |
icon | The URL of the application's icon image. |
callback | The URL to redirect to after authentication. The session ID will be added as a session query parameter on redirect. |
permission | The permissions required by the application. List the required permissions separated by commas.Check the list of permissions here. |
https://misskey.io/miauth/c1f6d42b-468b-4fd2-8274-e58abdedef6f?name=MyApp&callback=https%3A%2F%2Fmyapp.example.com%2Fcallback&permission=write:notes,write:following,read:drive
Step 3
After the user grants access to the application, make a POST request to a URL in the following format to receive a JSON response containing the access token.
https://{host}/api/miauth/{session}/check
Here,
- Replace
{host}
with the user's server host. - Replace
{session}
with the session ID.
The properties included in the response are as follows:
Name | Description |
---|---|
token | The user's access token. |
user | Information about the user. |