Here is a working example of the oAuth flow.
The "Authorisation flow" for a Server-Side application
- GET USER CONSENT: The Third Party Application redirects the user to a login URL on the Resource Server. The Third Party Application must generate the full URL. This redirect can be either in a pop-up or the same browser window.
- NB. The redirect url must match the "Home page for your application" property in your JustGiving Developer Account application details page.
- NB. The redirect url must match the "Home page for your application" property in your JustGiving Developer Account application details page.
- The user sees the following
- The first screen asks them to login to JustGiving
- After logging in, the next screen asks for their consent
- The first screen asks them to login to JustGiving
- The user chooses to authorise the 3rd Party Application
- The browser is redirected back to the Third Party Application using the location specified by the redirect_uri query parameter in the request from the Third Party Application. The response from the Resource Server will contain a querystring parameter named "code", the value of this will be used in the request to generate a token.
- The Third Party Application requests a token from the Resource Server by sending a request to https://identity.justgiving.com/connect/token including a Basic Authentication header, the value of which is a base64 encoded value of {yourApplicationId}:{yourSecretKey}
0 Comments