Authentication

Implicit Grant

The Implicit Grant is appropriate for Clients who are unable to securely keep their client_secret, but would still like to interact with Users.

If you are able to reliably secure the client_secret and access_token we provide after the completion of this flow, such as through a back-end web server, then Implicit Grant is not for you. Instead, try Code Grant.

Request Token

Make a request that will redirect to Login Pages hosted by MediaHound. These pages must be displayed in a Browser or WebView. As such, this flow will not work if the requests are made from a non-web backend server.

Copy
http
https://api.mediahound.com/1.3/security/oauth/authorize?response_type=token&client_id={client_id}&client_secret={client_secret}&scope=public_profile+user_likes&redirect_uri=http://localhost

Request Parameters

NameDescription
response_typeValue should be token, specifying that the Application is initializing an Implicit Grant flow.
client_idThe Application's Client ID.
client_secretThe Application's Client Secret.
scopeThe scopes (+ delimited) that the Application is requesting the User to approve. A full list of available scopes can be found here.
redirect_uriUpon completion of the login flow and permission grant of scopes by the User, we will redirect the User to this specified location. If the User has previously granted permission of the scopes to the Application, redirect will happen immediately after User login. If the User has already logged in and the session has been preserved in the browser, redirect will occur immediately.

If the flow is completed and the User grants permission of all the scopes to the Application, redirect will occur with the access_token:

Copy
http
http://localhost/#access_token={access_token}&token_type=bearer&expires_in={seconds}

Details on how to use the access_token can be found here.

Refresh Token

Once the access_token has expired, this flow must be restarted.