[HELP] OIDC Authorization Code Flow - POST format

Hello I’m a little bit confused by the authorization process because I’ve never done OAuth before,
and I’m new to web development.

I’m using C++ and plain (winsock) sockets.
I was able to geht the OAuth 2.0 authorization code and now I’m stuck on step 3) of

The provided example just says:

POST https://id.twitch.tv/oauth2/token
?client_id=uo6dggojyb8d6soh92zknwmi5ej1q2
&client_secret=REMOVED
&code=REMOVED
&grant_type=authorization_code
&redirect_uri=http://localhost

My question is how do i need to send the request and how does it look like?
I already tried several things like the following and nothing worked:

POST /oauth2/token HTTP/1.1

?client_id=uo6dggojyb8d6soh92zknwmi5ej1q2
&client_secret=REMOVED
&code=REMOVED
&grant_type=authorization_code
&redirect_uri=http://localhost

Do I need to add Conent-Type and Conent-Length or something else?
Are new lines important? ("\r\n")

Can someone please provide me a sample how this request should look like?

Or do i need to request with a SSL socket?

Thanks in advance

Gwen

  1. DO NOT POST YOUR CLIENT SECRET PUBLICLY. THIS IS AGAINST THE DEV TOS AND IT SHOULD BE TREATED AS A PASSWORD. I have edited your post accordingly. A code should be treated similar

  2. You need to use whatever you want that supports sending a HTTP POST request over SSL in the language you are working in. So Yes SSL Socket.

Content-Type/length are headers and are not needed for this request. I don’t see any headers in the example, and they are not required

These may help

secret and code were from the doku example, not mine :wink:
and thanks so far :slight_smile:

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.