Authorize

We use standard OAuth. The typical flow goes like this:

• Perform a GET request to /oauth/authorize with url parameters client_id, redirect_uri, scope (a space separated list of requested scopes) and response_type=code.
• Once the user grants your app permission to access their data, the browser will redirect to redirect_uri with a url parameter code
• With this code, your application will have 10 minutes to perform a POST request to /oauth/token with parameters client_id, client_secret, code, redirect_uri and grant_type=authorization_code