Augur OAuth Flow
Augur implements the Oauth 2.0 specification, and each Augur instance is capable of acting as an authorization server for external applications.
If your Augur instance is running behind Nginx or Apache, make sure this parameter (or its Apache equivalent) is set in your
proxy_set_header X-Forwarded-Proto $scheme;
Registering a user account on the desired Augur instance is a requirement for creating a Client Application. The developer of the application must follow the below steps:
Navigate to the home page of the desired Augur instance.
Click “Login” on the navigation bar.
Click “Register” and fill out the account details.
Once you have registered an account, follow the below steps to create a new Client Application:
Click your username in the navigation bar.
- In the create application form, fill out the application name and redirect URL
The redirect URL is relative to the user-agent (i.e. the user’s browser), and must be accessible to the user-agent.
If you are testing an application locally, you may use
http://localho.stas the host for the redirect URL. The authorization server will not prevent redirection if the redirect url is unreachable.
Once the application has been created, note the Application ID and Client Secret, as you will need them for application authentication requests.
Making Authenticated Requests
Once the User Session Token has been acquired, authenticated requests must be made using both the Client Secret and the Bearer Token. Authentication credentials must be provided in the
Authorization header as such:
Authorization: Client [Client Secret], Bearer [User Session Token]
Please note that both the Client Secret and the User Sesson Token must be included in the Authorization header for authenticated requests