<!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1.0" /><meta name="generator" content="Docutils 0.19: https://docutils.sourceforge.io/" /> <title>OAuth2 — FitTrackee 0.7.10 documentation</title> <link rel="stylesheet" type="text/css" href="../_static/pygments.css" /> <link rel="stylesheet" type="text/css" href="../_static/bootstrap-sphinx.css" /> <link rel="stylesheet" type="text/css" href="../_static/css/fork-awesome.min.css" /> <link rel="stylesheet" type="text/css" href="../_static/css/custom.css" /> <script data-url_root="../" id="documentation_options" src="../_static/documentation_options.js"></script> <script src="../_static/jquery.js"></script> <script src="../_static/underscore.js"></script> <script src="../_static/_sphinx_javascript_frameworks_compat.js"></script> <script src="../_static/doctools.js"></script> <script src="../_static/sphinx_highlight.js"></script> <link rel="index" title="Index" href="../genindex.html" /> <link rel="search" title="Search" href="../search.html" /> <link rel="next" title="Records" href="records.html" /> <link rel="prev" title="Configuration" href="configuration.html" /> <meta charset='utf-8'> <meta http-equiv='X-UA-Compatible' content='IE=edge,chrome=1'> <meta name='viewport' content='width=device-width, initial-scale=1.0, maximum-scale=1'> <meta name="apple-mobile-web-app-capable" content="yes"> <script type="text/javascript" src="../_static/js/jquery-1.12.4.min.js"></script> <script type="text/javascript" src="../_static/js/jquery-fix.js"></script> <script type="text/javascript" src="../_static/bootstrap-3.4.1/js/bootstrap.min.js"></script> <script type="text/javascript" src="../_static/bootstrap-sphinx.js"></script> </head><body> <div id="navbar" class="navbar navbar-default navbar-fixed-top"> <div class="container"> <div class="navbar-header"> <!-- .btn-navbar is used as the toggle for collapsed navbar content --> <button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".nav-collapse"> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </button> <a class="navbar-brand" href="../index.html"> FitTrackee</a> <span class="navbar-text navbar-version pull-left"><b>0.7.10 </b></span> </div> <div class="collapse navbar-collapse nav-collapse"> <ul class="nav navbar-nav"> <li><a href="https://github.com/SamR1/FitTrackee">GitHub</a></li> <li class="dropdown globaltoc-container"> <a role="button" id="dLabelGlobalToc" data-toggle="dropdown" data-target="#" href="../index.html">Docs <b class="caret"></b></a> <ul class="dropdown-menu globaltoc" role="menu" aria-labelledby="dLabelGlobalToc"><ul class="current"> <li class="toctree-l1"><a class="reference internal" href="../features.html">Features</a></li> <li class="toctree-l1"><a class="reference internal" href="../apps.html">Third-party applications</a></li> <li class="toctree-l1"><a class="reference internal" href="../installation.html">Installation</a></li> <li class="toctree-l1"><a class="reference internal" href="../cli.html">Command line interface</a></li> <li class="toctree-l1 current"><a class="reference internal" href="index.html">API documentation</a></li> <li class="toctree-l1"><a class="reference internal" href="../troubleshooting/index.html">Troubleshooting</a></li> <li class="toctree-l1"><a class="reference internal" href="../changelog.html">Change log</a></li> </ul> </ul> </li> <li class="dropdown"> <a role="button" id="dLabelLocalToc" data-toggle="dropdown" data-target="#" href="#">Page <b class="caret"></b></a> <ul class="dropdown-menu localtoc" role="menu" aria-labelledby="dLabelLocalToc"><ul> <li><a class="reference internal" href="#">OAuth2</a></li> </ul> </ul> </li> <li> <a href="configuration.html" title="Previous Chapter: Configuration"><span class="glyphicon glyphicon-chevron-left visible-sm"></span><span class="hidden-sm hidden-tablet">« Configuration</span> </a> </li> <li> <a href="records.html" title="Next Chapter: Records"><span class="glyphicon glyphicon-chevron-right visible-sm"></span><span class="hidden-sm hidden-tablet">Records »</span> </a> </li> <li class="hidden-sm"> <div id="sourcelink"> <a href="../_sources/api/oauth2.rst.txt" rel="nofollow">Source</a> </div></li> </ul> <form class="navbar-form navbar-right" action="../search.html" method="get"> <div class="form-group"> <input type="text" name="q" class="form-control" placeholder="Search" /> </div> <input type="hidden" name="check_keywords" value="yes" /> <input type="hidden" name="area" value="default" /> </form> </div> </div> </div> <div class="container"> <div class="row"> <div class="body col-md-12 content" role="main"> <section id="oauth2"> <h1>OAuth2<a class="headerlink" href="#oauth2" title="Permalink to this heading">¶</a></h1> <dl class="http get"> <dt class="sig sig-object http" id="get--api-oauth-apps"> <span class="sig-name descname"><span class="pre">GET</span> </span><span class="sig-name descname"><span class="pre">/api/oauth/apps</span></span><a class="headerlink" href="#get--api-oauth-apps" title="Permalink to this definition">¶</a></dt> <dd><p>Get OAuth2 clients (apps) for authenticated user with pagination (5 clients/page).</p> <p>This endpoint is only accessible by FitTrackee client (first-party application).</p> <p><strong>Example request</strong>:</p> <ul class="simple"> <li><p>without parameters</p></li> </ul> <div class="highlight-http notranslate"><div class="highlight"><pre><span></span><span class="nf">GET</span> <span class="nn">/api/oauth/apps</span> <span class="kr">HTTP</span><span class="o">/</span><span class="m">1.1</span> <span class="na">Content-Type</span><span class="o">:</span> <span class="l">application/json</span> </pre></div> </div> <ul class="simple"> <li><p>with ‘page’ parameter</p></li> </ul> <div class="highlight-http notranslate"><div class="highlight"><pre><span></span><span class="nf">GET</span> <span class="nn">/api/oauth/apps?page=2</span> <span class="kr">HTTP</span><span class="o">/</span><span class="m">1.1</span> <span class="na">Content-Type</span><span class="o">:</span> <span class="l">application/json</span> </pre></div> </div> <p><strong>Example response</strong>:</p> <div class="highlight-http notranslate"><div class="highlight"><pre><span></span><span class="kr">HTTP</span><span class="o">/</span><span class="m">1.1</span> <span class="m">200</span> <span class="ne">SUCCESS</span> <span class="na">Content-Type</span><span class="o">:</span> <span class="l">application/json</span> <span class="p">{</span><span class="w"></span> <span class="w"> </span><span class="nt">"data"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"></span> <span class="w"> </span><span class="nt">"clients"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"></span> <span class="w"> </span><span class="p">{</span><span class="w"></span> <span class="w"> </span><span class="nt">"client_description"</span><span class="p">:</span><span class="w"> </span><span class="s2">""</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"client_id"</span><span class="p">:</span><span class="w"> </span><span class="s2">"o22a27s2aBPUoxJbxV3UjDOx"</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"id"</span><span class="p">:</span><span class="w"> </span><span class="mi">1</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"issued_at"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Thu, 14 July 2022 06:27:53 GMT"</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"GPX Importer"</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"redirect_uris"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"></span> <span class="w"> </span><span class="s2">" https://example.com/callback"</span><span class="w"></span> <span class="w"> </span><span class="p">],</span><span class="w"></span> <span class="w"> </span><span class="nt">"scope"</span><span class="p">:</span><span class="w"> </span><span class="s2">"profile:read workouts:write"</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"website"</span><span class="p">:</span><span class="w"> </span><span class="s2">"https://example.com"</span><span class="w"></span> <span class="w"> </span><span class="p">}</span><span class="w"></span> <span class="w"> </span><span class="p">]</span><span class="w"></span> <span class="w"> </span><span class="p">},</span><span class="w"></span> <span class="w"> </span><span class="nt">"pagination"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"></span> <span class="w"> </span><span class="nt">"has_next"</span><span class="p">:</span><span class="w"> </span><span class="kc">false</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"has_prev"</span><span class="p">:</span><span class="w"> </span><span class="kc">false</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"page"</span><span class="p">:</span><span class="w"> </span><span class="mi">1</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"pages"</span><span class="p">:</span><span class="w"> </span><span class="mi">1</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"total"</span><span class="p">:</span><span class="w"> </span><span class="mi">1</span><span class="w"></span> <span class="w"> </span><span class="p">},</span><span class="w"></span> <span class="w"> </span><span class="nt">"status"</span><span class="p">:</span><span class="w"> </span><span class="s2">"success"</span><span class="w"></span> <span class="p">}</span><span class="w"></span> </pre></div> </div> <dl class="field-list simple"> <dt class="field-odd">Query Parameters<span class="colon">:</span></dt> <dd class="field-odd"><ul class="simple"> <li><p><strong>page</strong> (<em>integer</em>) – page for pagination (default: 1)</p></li> </ul> </dd> <dt class="field-even">Request Headers<span class="colon">:</span></dt> <dd class="field-even"><ul class="simple"> <li><p><span><a class="reference external" href="https://www.rfc-editor.org/rfc/rfc7235#section-4.2">Authorization</a></span> – OAuth 2.0 Bearer Token</p></li> </ul> </dd> <dt class="field-odd">Status Codes<span class="colon">:</span></dt> <dd class="field-odd"><ul class="simple"> <li><p><span><a class="reference external" href="https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.2.1">200 OK</a></span> – success</p></li> <li><p><span><a class="reference external" href="https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.2">401 Unauthorized</a></span> – <ul> <li><p>provide a valid auth token</p></li> <li><p>signature expired, please log in again</p></li> <li><p>invalid token, please log in again</p></li> </ul> </p></li> </ul> </dd> </dl> </dd></dl> <dl class="http post"> <dt class="sig sig-object http" id="post--api-oauth-apps"> <span class="sig-name descname"><span class="pre">POST</span> </span><span class="sig-name descname"><span class="pre">/api/oauth/apps</span></span><a class="headerlink" href="#post--api-oauth-apps" title="Permalink to this definition">¶</a></dt> <dd><p>Create an OAuth2 client (app) for the authenticated user.</p> <p>This endpoint is only accessible by FitTrackee client (first-party application).</p> <p><strong>Example request</strong>:</p> <div class="highlight-http notranslate"><div class="highlight"><pre><span></span><span class="nf">POST</span> <span class="nn">/api/oauth/apps</span> <span class="kr">HTTP</span><span class="o">/</span><span class="m">1.1</span> <span class="na">Content-Type</span><span class="o">:</span> <span class="l">application/json</span> </pre></div> </div> <p><strong>Example response</strong>:</p> <div class="highlight-http notranslate"><div class="highlight"><pre><span></span><span class="kr">HTTP</span><span class="o">/</span><span class="m">1.1</span> <span class="m">200</span> <span class="ne">SUCCESS</span> <span class="na">Content-Type</span><span class="o">:</span> <span class="l">application/json</span> <span class="p">{</span><span class="w"></span> <span class="w"> </span><span class="nt">"data"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"></span> <span class="w"> </span><span class="nt">"client"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"></span> <span class="w"> </span><span class="nt">"client_description"</span><span class="p">:</span><span class="w"> </span><span class="s2">""</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"client_id"</span><span class="p">:</span><span class="w"> </span><span class="s2">"o22a27s2aBPUoxJbxV3UjDOx"</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"client_secret"</span><span class="p">:</span><span class="w"> </span><span class="s2">"<CLIENT SECRET>"</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"id"</span><span class="p">:</span><span class="w"> </span><span class="mi">1</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"issued_at"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Thu, 14 July 2022 06:27:53 GMT"</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"GPX Importer"</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"redirect_uris"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"></span> <span class="w"> </span><span class="s2">"https://example.com/callback"</span><span class="w"></span> <span class="w"> </span><span class="p">],</span><span class="w"></span> <span class="w"> </span><span class="nt">"scope"</span><span class="p">:</span><span class="w"> </span><span class="s2">"profile:read workouts:write"</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"website"</span><span class="p">:</span><span class="w"> </span><span class="s2">"https://example.com"</span><span class="w"></span> <span class="w"> </span><span class="p">}</span><span class="w"></span> <span class="w"> </span><span class="p">},</span><span class="w"></span> <span class="w"> </span><span class="nt">"status"</span><span class="p">:</span><span class="w"> </span><span class="s2">"created"</span><span class="w"></span> <span class="p">}</span><span class="w"></span> </pre></div> </div> <dl class="field-list simple"> <dt class="field-odd">JSON Parameters<span class="colon">:</span></dt> <dd class="field-odd"><ul class="simple"> <li><p><strong>client_name</strong> (<em>string</em>) – client name</p></li> <li><p><strong>client_uri</strong> (<em>string</em>) – client URL</p></li> <li><p><strong>redirect_uri</strong> (<em>array</em>) – list of client redirect URLs (string)</p></li> <li><p><strong>scope</strong> (<em>string</em>) – client scopes</p></li> <li><p><strong>client_description</strong> (<em>string</em>) – client description (<cite>OPTIONAL</cite>)</p></li> </ul> </dd> <dt class="field-even">Request Headers<span class="colon">:</span></dt> <dd class="field-even"><ul class="simple"> <li><p><span><a class="reference external" href="https://www.rfc-editor.org/rfc/rfc7235#section-4.2">Authorization</a></span> – OAuth 2.0 Bearer Token</p></li> </ul> </dd> <dt class="field-odd">Status Codes<span class="colon">:</span></dt> <dd class="field-odd"><ul class="simple"> <li><p><span><a class="reference external" href="https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.2.1">200 OK</a></span> – success</p></li> <li><p><span><a class="reference external" href="https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1">400 Bad Request</a></span> – <ul> <li><p>invalid payload</p></li> </ul> </p></li> <li><p><span><a class="reference external" href="https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.2">401 Unauthorized</a></span> – <ul> <li><p>provide a valid auth token</p></li> <li><p>signature expired, please log in again</p></li> <li><p>invalid token, please log in again</p></li> </ul> </p></li> </ul> </dd> </dl> </dd></dl> <dl class="http get"> <dt class="sig sig-object http" id="get--api-oauth-apps-(string-client_client_id)"> <span class="sig-name descname"><span class="pre">GET</span> </span><span class="sig-name descname"><span class="pre">/api/oauth/apps/</span></span><span class="sig-paren">(</span><em class="property"><span class="pre">string:</span> </em><em class="sig-param"><span class="pre">client_client_id</span></em><span class="sig-paren">)</span><a class="headerlink" href="#get--api-oauth-apps-(string-client_client_id)" title="Permalink to this definition">¶</a></dt> <dd><p>Get an OAuth2 client (app) by ‘client_id’.</p> <p>This endpoint is only accessible by FitTrackee client (first-party application).</p> <p><strong>Example request</strong>:</p> <div class="highlight-http notranslate"><div class="highlight"><pre><span></span><span class="nf">GET</span> <span class="nn">/api/oauth/apps/o22a27s2aBPUoxJbxV3UjDOx</span> <span class="kr">HTTP</span><span class="o">/</span><span class="m">1.1</span> <span class="na">Content-Type</span><span class="o">:</span> <span class="l">application/json</span> </pre></div> </div> <p><strong>Example responses</strong>:</p> <ul class="simple"> <li><p>success</p></li> </ul> <div class="highlight-http notranslate"><div class="highlight"><pre><span></span><span class="kr">HTTP</span><span class="o">/</span><span class="m">1.1</span> <span class="m">200</span> <span class="ne">SUCCESS</span> <span class="na">Content-Type</span><span class="o">:</span> <span class="l">application/json</span> <span class="p">{</span><span class="w"></span> <span class="w"> </span><span class="nt">"data"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"></span> <span class="w"> </span><span class="nt">"client"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"></span> <span class="w"> </span><span class="nt">"client_description"</span><span class="p">:</span><span class="w"> </span><span class="s2">""</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"client_id"</span><span class="p">:</span><span class="w"> </span><span class="s2">"o22a27s2aBPUoxJbxV3UjDOx"</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"id"</span><span class="p">:</span><span class="w"> </span><span class="mi">1</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"issued_at"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Thu, 14 July 2022 06:27:53 GMT"</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"GPX Importer"</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"redirect_uris"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"></span> <span class="w"> </span><span class="s2">"https://example.com/callback"</span><span class="w"></span> <span class="w"> </span><span class="p">],</span><span class="w"></span> <span class="w"> </span><span class="nt">"scope"</span><span class="p">:</span><span class="w"> </span><span class="s2">"profile:read workouts:write"</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"website"</span><span class="p">:</span><span class="w"> </span><span class="s2">"https://example.com"</span><span class="w"></span> <span class="w"> </span><span class="p">}</span><span class="w"></span> <span class="w"> </span><span class="p">},</span><span class="w"></span> <span class="w"> </span><span class="nt">"status"</span><span class="p">:</span><span class="w"> </span><span class="s2">"success"</span><span class="w"></span> <span class="p">}</span><span class="w"></span> </pre></div> </div> <ul class="simple"> <li><p>not found</p></li> </ul> <div class="highlight-http notranslate"><div class="highlight"><pre><span></span><span class="kr">HTTP</span><span class="o">/</span><span class="m">1.1</span> <span class="m">404</span> <span class="ne">NOT FOUND</span> <span class="na">Content-Type</span><span class="o">:</span> <span class="l">application/json</span> <span class="p">{</span><span class="w"></span> <span class="w"> </span><span class="nt">"status"</span><span class="p">:</span><span class="w"> </span><span class="s2">"not found"</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"OAuth2 client not found"</span><span class="w"></span> <span class="p">}</span><span class="w"></span> </pre></div> </div> <dl class="field-list simple"> <dt class="field-odd">Parameters<span class="colon">:</span></dt> <dd class="field-odd"><ul class="simple"> <li><p><strong>client_client_id</strong> (<em>string</em>) – OAuth2 client client_id</p></li> </ul> </dd> <dt class="field-even">Request Headers<span class="colon">:</span></dt> <dd class="field-even"><ul class="simple"> <li><p><span><a class="reference external" href="https://www.rfc-editor.org/rfc/rfc7235#section-4.2">Authorization</a></span> – OAuth 2.0 Bearer Token</p></li> </ul> </dd> <dt class="field-odd">Status Codes<span class="colon">:</span></dt> <dd class="field-odd"><ul class="simple"> <li><p><span><a class="reference external" href="https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.2.1">200 OK</a></span> – success</p></li> <li><p><span><a class="reference external" href="https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.2">401 Unauthorized</a></span> – <ul> <li><p>provide a valid auth token</p></li> <li><p>signature expired, please log in again</p></li> <li><p>invalid token, please log in again</p></li> </ul> </p></li> <li><p><span><a class="reference external" href="https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.5">404 Not Found</a></span> – OAuth2 client not found</p></li> </ul> </dd> </dl> </dd></dl> <dl class="http get"> <dt class="sig sig-object http" id="get--api-oauth-apps-(int-client_id)-by_id"> <span class="sig-name descname"><span class="pre">GET</span> </span><span class="sig-name descname"><span class="pre">/api/oauth/apps/</span></span><span class="sig-paren">(</span><em class="property"><span class="pre">int:</span> </em><em class="sig-param"><span class="pre">client_id</span></em><span class="sig-paren">)</span><span class="sig-name descname"><span class="pre">/by_id</span></span><a class="headerlink" href="#get--api-oauth-apps-(int-client_id)-by_id" title="Permalink to this definition">¶</a></dt> <dd><p>Get an OAuth2 client (app) by id (integer value).</p> <p>This endpoint is only accessible by FitTrackee client (first-party application).</p> <p><strong>Example request</strong>:</p> <div class="highlight-http notranslate"><div class="highlight"><pre><span></span><span class="nf">GET</span> <span class="nn">/api/oauth/apps/1/by_id</span> <span class="kr">HTTP</span><span class="o">/</span><span class="m">1.1</span> <span class="na">Content-Type</span><span class="o">:</span> <span class="l">application/json</span> </pre></div> </div> <p><strong>Example responses</strong>:</p> <ul class="simple"> <li><p>success</p></li> </ul> <div class="highlight-http notranslate"><div class="highlight"><pre><span></span><span class="kr">HTTP</span><span class="o">/</span><span class="m">1.1</span> <span class="m">200</span> <span class="ne">SUCCESS</span> <span class="na">Content-Type</span><span class="o">:</span> <span class="l">application/json</span> <span class="p">{</span><span class="w"></span> <span class="w"> </span><span class="nt">"data"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"></span> <span class="w"> </span><span class="nt">"client"</span><span class="p">:</span><span class="w"> </span><span class="p">{</span><span class="w"></span> <span class="w"> </span><span class="nt">"client_description"</span><span class="p">:</span><span class="w"> </span><span class="s2">""</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"client_id"</span><span class="p">:</span><span class="w"> </span><span class="s2">"o22a27s2aBPUoxJbxV3UjDOx"</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"id"</span><span class="p">:</span><span class="w"> </span><span class="mi">1</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"issued_at"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Thu, 14 July 2022 06:27:53 GMT"</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"name"</span><span class="p">:</span><span class="w"> </span><span class="s2">"GPX Importer"</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"redirect_uris"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="w"></span> <span class="w"> </span><span class="s2">"https://example.com/callback"</span><span class="w"></span> <span class="w"> </span><span class="p">],</span><span class="w"></span> <span class="w"> </span><span class="nt">"scope"</span><span class="p">:</span><span class="w"> </span><span class="s2">"profile:read workouts:write"</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"website"</span><span class="p">:</span><span class="w"> </span><span class="s2">"https://example.com"</span><span class="w"></span> <span class="w"> </span><span class="p">}</span><span class="w"></span> <span class="w"> </span><span class="p">},</span><span class="w"></span> <span class="w"> </span><span class="nt">"status"</span><span class="p">:</span><span class="w"> </span><span class="s2">"success"</span><span class="w"></span> <span class="p">}</span><span class="w"></span> </pre></div> </div> <ul class="simple"> <li><p>not found</p></li> </ul> <div class="highlight-http notranslate"><div class="highlight"><pre><span></span><span class="kr">HTTP</span><span class="o">/</span><span class="m">1.1</span> <span class="m">404</span> <span class="ne">NOT FOUND</span> <span class="na">Content-Type</span><span class="o">:</span> <span class="l">application/json</span> <span class="p">{</span><span class="w"></span> <span class="w"> </span><span class="nt">"status"</span><span class="p">:</span><span class="w"> </span><span class="s2">"not found"</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"message"</span><span class="p">:</span><span class="w"> </span><span class="s2">"OAuth2 client not found"</span><span class="w"></span> <span class="p">}</span><span class="w"></span> </pre></div> </div> <dl class="field-list simple"> <dt class="field-odd">Parameters<span class="colon">:</span></dt> <dd class="field-odd"><ul class="simple"> <li><p><strong>client_id</strong> (<em>integer</em>) – OAuth2 client id</p></li> </ul> </dd> <dt class="field-even">Request Headers<span class="colon">:</span></dt> <dd class="field-even"><ul class="simple"> <li><p><span><a class="reference external" href="https://www.rfc-editor.org/rfc/rfc7235#section-4.2">Authorization</a></span> – OAuth 2.0 Bearer Token</p></li> </ul> </dd> <dt class="field-odd">Status Codes<span class="colon">:</span></dt> <dd class="field-odd"><ul class="simple"> <li><p><span><a class="reference external" href="https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.2.1">200 OK</a></span> – success</p></li> <li><p><span><a class="reference external" href="https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.2">401 Unauthorized</a></span> – <ul> <li><p>provide a valid auth token</p></li> <li><p>signature expired, please log in again</p></li> <li><p>invalid token, please log in again</p></li> </ul> </p></li> <li><p><span><a class="reference external" href="https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.5">404 Not Found</a></span> – OAuth2 client not found</p></li> </ul> </dd> </dl> </dd></dl> <dl class="http delete"> <dt class="sig sig-object http" id="delete--api-oauth-apps-(int-client_id)"> <span class="sig-name descname"><span class="pre">DELETE</span> </span><span class="sig-name descname"><span class="pre">/api/oauth/apps/</span></span><span class="sig-paren">(</span><em class="property"><span class="pre">int:</span> </em><em class="sig-param"><span class="pre">client_id</span></em><span class="sig-paren">)</span><a class="headerlink" href="#delete--api-oauth-apps-(int-client_id)" title="Permalink to this definition">¶</a></dt> <dd><p>Delete an OAuth2 client (app).</p> <p>This endpoint is only accessible by FitTrackee client (first-party application).</p> <p><strong>Example request</strong>:</p> <div class="highlight-http notranslate"><div class="highlight"><pre><span></span><span class="nf">DELETE</span> <span class="nn">/api/oauth/apps/1</span> <span class="kr">HTTP</span><span class="o">/</span><span class="m">1.1</span> <span class="na">Content-Type</span><span class="o">:</span> <span class="l">application/json</span> </pre></div> </div> <p><strong>Example response</strong>:</p> <div class="highlight-http notranslate"><div class="highlight"><pre><span></span><span class="kr">HTTP</span><span class="o">/</span><span class="m">1.1</span> <span class="m">204</span> <span class="ne">NO CONTENT</span> <span class="na">Content-Type</span><span class="o">:</span> <span class="l">application/json</span> </pre></div> </div> <dl class="field-list simple"> <dt class="field-odd">Parameters<span class="colon">:</span></dt> <dd class="field-odd"><ul class="simple"> <li><p><strong>client_id</strong> (<em>integer</em>) – OAuth2 client id</p></li> </ul> </dd> <dt class="field-even">Request Headers<span class="colon">:</span></dt> <dd class="field-even"><ul class="simple"> <li><p><span><a class="reference external" href="https://www.rfc-editor.org/rfc/rfc7235#section-4.2">Authorization</a></span> – OAuth 2.0 Bearer Token</p></li> </ul> </dd> <dt class="field-odd">Status Codes<span class="colon">:</span></dt> <dd class="field-odd"><ul class="simple"> <li><p><span><a class="reference external" href="https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.2.5">204 No Content</a></span> – OAuth2 client deleted</p></li> <li><p><span><a class="reference external" href="https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.2">401 Unauthorized</a></span> – <ul> <li><p>provide a valid auth token</p></li> <li><p>signature expired, please log in again</p></li> <li><p>invalid token, please log in again</p></li> </ul> </p></li> <li><p><span><a class="reference external" href="https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.5">404 Not Found</a></span> – OAuth2 client not found</p></li> </ul> </dd> </dl> </dd></dl> <dl class="http post"> <dt class="sig sig-object http" id="post--api-oauth-apps-(int-client_id)-revoke"> <span class="sig-name descname"><span class="pre">POST</span> </span><span class="sig-name descname"><span class="pre">/api/oauth/apps/</span></span><span class="sig-paren">(</span><em class="property"><span class="pre">int:</span> </em><em class="sig-param"><span class="pre">client_id</span></em><span class="sig-paren">)</span><span class="sig-name descname"><span class="pre">/revoke</span></span><a class="headerlink" href="#post--api-oauth-apps-(int-client_id)-revoke" title="Permalink to this definition">¶</a></dt> <dd><p>Revoke all tokens associated to an OAuth2 client (app).</p> <p>This endpoint is only accessible by FitTrackee client (first-party application).</p> <p><strong>Example request</strong>:</p> <div class="highlight-http notranslate"><div class="highlight"><pre><span></span><span class="nf">POST</span> <span class="nn">/api/oauth/apps/1/revoke</span> <span class="kr">HTTP</span><span class="o">/</span><span class="m">1.1</span> <span class="na">Content-Type</span><span class="o">:</span> <span class="l">application/json</span> </pre></div> </div> <p><strong>Example response</strong>:</p> <div class="highlight-http notranslate"><div class="highlight"><pre><span></span><span class="kr">HTTP</span><span class="o">/</span><span class="m">1.1</span> <span class="m">200</span> <span class="ne">SUCCESS</span> <span class="na">Content-Type</span><span class="o">:</span> <span class="l">application/json</span> <span class="p">{</span><span class="w"></span> <span class="w"> </span><span class="nt">"status"</span><span class="p">:</span><span class="w"> </span><span class="s2">"success"</span><span class="w"></span> <span class="p">}</span><span class="w"></span> </pre></div> </div> <dl class="field-list simple"> <dt class="field-odd">Parameters<span class="colon">:</span></dt> <dd class="field-odd"><ul class="simple"> <li><p><strong>client_id</strong> (<em>integer</em>) – OAuth2 client id</p></li> </ul> </dd> <dt class="field-even">Request Headers<span class="colon">:</span></dt> <dd class="field-even"><ul class="simple"> <li><p><span><a class="reference external" href="https://www.rfc-editor.org/rfc/rfc7235#section-4.2">Authorization</a></span> – OAuth 2.0 Bearer Token</p></li> </ul> </dd> <dt class="field-odd">Status Codes<span class="colon">:</span></dt> <dd class="field-odd"><ul class="simple"> <li><p><span><a class="reference external" href="https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.2.1">200 OK</a></span> – success</p></li> <li><p><span><a class="reference external" href="https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.2">401 Unauthorized</a></span> – <ul> <li><p>provide a valid auth token</p></li> <li><p>signature expired, please log in again</p></li> <li><p>invalid token, please log in again</p></li> </ul> </p></li> <li><p><span><a class="reference external" href="https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.5">404 Not Found</a></span> – OAuth2 client not found</p></li> </ul> </dd> </dl> </dd></dl> <dl class="http post"> <dt class="sig sig-object http" id="post--api-oauth-authorize"> <span class="sig-name descname"><span class="pre">POST</span> </span><span class="sig-name descname"><span class="pre">/api/oauth/authorize</span></span><a class="headerlink" href="#post--api-oauth-authorize" title="Permalink to this definition">¶</a></dt> <dd><p>Authorize an OAuth2 client (app). If successful, it redirects to the client callback URL with the code to issue a token.</p> <p>This endpoint is only accessible by FitTrackee client (first-party application).</p> <p><strong>Example request</strong>:</p> <div class="highlight-http notranslate"><div class="highlight"><pre><span></span><span class="nf">POST</span> <span class="nn">/api/oauth/authorize</span> <span class="kr">HTTP</span><span class="o">/</span><span class="m">1.1</span> <span class="na">Content-Type</span><span class="o">:</span> <span class="l">multipart/form-data</span> </pre></div> </div> <p><strong>Example response</strong>:</p> <div class="highlight-http notranslate"><div class="highlight"><pre><span></span><span class="kr">HTTP</span><span class="o">/</span><span class="m">1.1</span> <span class="m">200</span> <span class="ne">SUCCESS</span> <span class="na">Content-Type</span><span class="o">:</span> <span class="l">application/json</span> <span class="p">{</span><span class="w"></span> <span class="w"> </span><span class="nt">"status"</span><span class="p">:</span><span class="w"> </span><span class="s2">"success"</span><span class="w"></span> <span class="p">}</span><span class="w"></span> </pre></div> </div> <dl class="field-list simple"> <dt class="field-odd">Form Parameters<span class="colon">:</span></dt> <dd class="field-odd"><ul class="simple"> <li><p><strong>string client_id</strong> – OAuth2 client ‘client_id’</p></li> <li><p><strong>string response_type</strong> – client response type (only ‘code’ is supported by FitTrackee)</p></li> <li><p><strong>string scopes</strong> – OAuth2 client scopes</p></li> <li><p><strong>boolean confirm</strong> – confirmation (must be ‘true’)</p></li> <li><p><strong>string state</strong> – unique value to prevent cross-site request forgery (not mandatory but recommended)</p></li> <li><p><strong>string code_challenge</strong> – string generated from a code verifier (for PKCE, not mandatory but recommended)</p></li> <li><p><strong>string code_challenge_method</strong> – method used to create challenge, for instance “S256” (mandatory if <cite>code_challenge</cite> provided)</p></li> </ul> </dd> <dt class="field-even">Request Headers<span class="colon">:</span></dt> <dd class="field-even"><ul class="simple"> <li><p><span><a class="reference external" href="https://www.rfc-editor.org/rfc/rfc7235#section-4.2">Authorization</a></span> – OAuth 2.0 Bearer Token</p></li> </ul> </dd> <dt class="field-odd">Status Codes<span class="colon">:</span></dt> <dd class="field-odd"><ul class="simple"> <li><p><span><a class="reference external" href="https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.2.1">200 OK</a></span> – success</p></li> <li><p><span><a class="reference external" href="https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1">400 Bad Request</a></span> – <ul> <li><p>invalid payload</p></li> <li><p>errors returned by Authlib library</p></li> </ul> </p></li> <li><p><span><a class="reference external" href="https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.2">401 Unauthorized</a></span> – <ul> <li><p>provide a valid auth token</p></li> <li><p>signature expired, please log in again</p></li> <li><p>invalid token, please log in again</p></li> </ul> </p></li> </ul> </dd> </dl> </dd></dl> <dl class="http post"> <dt class="sig sig-object http" id="post--api-oauth-token"> <span class="sig-name descname"><span class="pre">POST</span> </span><span class="sig-name descname"><span class="pre">/api/oauth/token</span></span><a class="headerlink" href="#post--api-oauth-token" title="Permalink to this definition">¶</a></dt> <dd><p>Issue or refresh token for a given OAuth2 client (app).</p> <p><strong>Example request</strong>:</p> <div class="highlight-http notranslate"><div class="highlight"><pre><span></span><span class="nf">POST</span> <span class="nn">/api/oauth/token</span> <span class="kr">HTTP</span><span class="o">/</span><span class="m">1.1</span> <span class="na">Content-Type</span><span class="o">:</span> <span class="l">multipart/form-data</span> </pre></div> </div> <p><strong>Example response</strong>:</p> <div class="highlight-http notranslate"><div class="highlight"><pre><span></span><span class="kr">HTTP</span><span class="o">/</span><span class="m">1.1</span> <span class="m">200</span> <span class="ne">SUCCESS</span> <span class="na">Content-Type</span><span class="o">:</span> <span class="l">application/json</span> <span class="p">{</span><span class="w"></span> <span class="w"> </span><span class="nt">"access_token"</span><span class="p">:</span><span class="w"> </span><span class="s2">"rOEHv64THCG28WcewZHRnVLUsOdUvw8NVnHKCmL57e"</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"expires_in"</span><span class="p">:</span><span class="w"> </span><span class="mi">864000</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"refresh_token"</span><span class="p">:</span><span class="w"> </span><span class="s2">"NuV9cY8VQOnrQKHTZ5pQAq2Zw7mSH0MorNPJr14AmSwD6f6I"</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"scope"</span><span class="p">:</span><span class="w"> </span><span class="p">[</span><span class="s2">"profile:read"</span><span class="p">,</span><span class="w"> </span><span class="s2">"workouts:write"</span><span class="p">],</span><span class="w"></span> <span class="w"> </span><span class="nt">"token_type"</span><span class="p">:</span><span class="w"> </span><span class="s2">"Bearer"</span><span class="p">,</span><span class="w"></span> <span class="w"> </span><span class="nt">"expires_at"</span><span class="p">:</span><span class="w"> </span><span class="mf">1658660147.0667062</span><span class="w"></span> <span class="p">}</span><span class="w"></span> </pre></div> </div> <dl class="field-list simple"> <dt class="field-odd">Form Parameters<span class="colon">:</span></dt> <dd class="field-odd"><ul class="simple"> <li><p><strong>string client_id</strong> – OAuth2 client ‘client_id’</p></li> <li><p><strong>string client_secret</strong> – OAuth2 client secret</p></li> <li><p><strong>string grant_type</strong> – OAuth2 client grant type (only ‘authorization_code’ (for token issue) and ‘refresh_token’ (for token refresh) are supported by FitTrackee)</p></li> <li><p><strong>string code</strong> – code generated after authorizing the client (for token issue)</p></li> <li><p><strong>string code_verifier</strong> – code verifier (for token issue with PKCE, not mandatory)</p></li> <li><p><strong>string refresh_token</strong> – refresh token (for token refresh)</p></li> </ul> </dd> <dt class="field-even">Status Codes<span class="colon">:</span></dt> <dd class="field-even"><ul class="simple"> <li><p><span><a class="reference external" href="https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.2.1">200 OK</a></span> – success</p></li> <li><p><span><a class="reference external" href="https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1">400 Bad Request</a></span> – <ul> <li><p>errors returned by Authlib library</p></li> </ul> </p></li> <li><p><span><a class="reference external" href="https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.2">401 Unauthorized</a></span> – <ul> <li><p>provide a valid auth token</p></li> <li><p>signature expired, please log in again</p></li> <li><p>invalid token, please log in again</p></li> </ul> </p></li> </ul> </dd> </dl> </dd></dl> <dl class="http post"> <dt class="sig sig-object http" id="post--api-oauth-revoke"> <span class="sig-name descname"><span class="pre">POST</span> </span><span class="sig-name descname"><span class="pre">/api/oauth/revoke</span></span><a class="headerlink" href="#post--api-oauth-revoke" title="Permalink to this definition">¶</a></dt> <dd><p>Revoke a token for a given OAuth2 client (app).</p> <p><strong>Example request</strong>:</p> <div class="highlight-http notranslate"><div class="highlight"><pre><span></span><span class="nf">POST</span> <span class="nn">/api/oauth/revoke</span> <span class="kr">HTTP</span><span class="o">/</span><span class="m">1.1</span> <span class="na">Content-Type</span><span class="o">:</span> <span class="l">multipart/form-data</span> </pre></div> </div> <p><strong>Example response</strong>:</p> <div class="highlight-http notranslate"><div class="highlight"><pre><span></span><span class="kr">HTTP</span><span class="o">/</span><span class="m">1.1</span> <span class="m">200</span> <span class="ne">SUCCESS</span> <span class="na">Content-Type</span><span class="o">:</span> <span class="l">application/json</span> <span class="p">{}</span><span class="w"></span> </pre></div> </div> <dl class="field-list simple"> <dt class="field-odd">Form Parameters<span class="colon">:</span></dt> <dd class="field-odd"><ul class="simple"> <li><p><strong>string client_id</strong> – OAuth2 client ‘client_id’</p></li> <li><p><strong>string client_secret</strong> – OAuth2 client secret</p></li> <li><p><strong>string token</strong> – access token to revoke</p></li> </ul> </dd> <dt class="field-even">Status Codes<span class="colon">:</span></dt> <dd class="field-even"><ul class="simple"> <li><p><span><a class="reference external" href="https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.2.1">200 OK</a></span> – success</p></li> <li><p><span><a class="reference external" href="https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.1">400 Bad Request</a></span> – <ul> <li><p>errors returned by Authlib library</p></li> </ul> </p></li> <li><p><span><a class="reference external" href="https://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.2">401 Unauthorized</a></span> – <ul> <li><p>provide a valid auth token</p></li> <li><p>signature expired, please log in again</p></li> <li><p>invalid token, please log in again</p></li> </ul> </p></li> </ul> </dd> </dl> </dd></dl> </section> </div> </div> </div> <footer class="footer"> <div class="container"> <p class="pull-right"> <a href="#">Back to top</a> </p> <p> © Copyright 2018 - 2022, SamR1 <a rel="me" href="https://fosstodon.org/@FitTrackee"><i class="fa fa-mastodon" aria-hidden="true"></i></a>. Last updated on Dec 21, 2022.<br/> Created using <a href="http://sphinx-doc.org/">Sphinx</a> 5.3.0.<br/> </p> </div> </footer> </body> </html>