Skip to main content
POST
/
api
/
public
/
v1
/
oauth
/
token
OAuth2 token endpoint (RFC 6749 §4.1.3 + §6)
curl --request POST \
  --url https://api.flexslot.gg/api/public/v1/oauth/token \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --data 'grant_type=<string>' \
  --data 'code=<string>' \
  --data 'redirect_uri=<string>' \
  --data 'code_verifier=<string>' \
  --data 'refresh_token=<string>' \
  --data 'scope=<string>' \
  --data 'client_id=<string>' \
  --data 'client_secret=<string>'
import requests

url = "https://api.flexslot.gg/api/public/v1/oauth/token"

payload = {
"grant_type": "<string>",
"code": "<string>",
"redirect_uri": "<string>",
"code_verifier": "<string>",
"refresh_token": "<string>",
"scope": "<string>",
"client_id": "<string>",
"client_secret": "<string>"
}
headers = {"Content-Type": "application/x-www-form-urlencoded"}

response = requests.post(url, data=payload, headers=headers)

print(response.text)
const options = {
method: 'POST',
headers: {'Content-Type': 'application/x-www-form-urlencoded'},
body: new URLSearchParams({
grant_type: '<string>',
code: '<string>',
redirect_uri: '<string>',
code_verifier: '<string>',
refresh_token: '<string>',
scope: '<string>',
client_id: '<string>',
client_secret: '<string>'
})
};

fetch('https://api.flexslot.gg/api/public/v1/oauth/token', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));
<?php

$curl = curl_init();

curl_setopt_array($curl, [
CURLOPT_URL => "https://api.flexslot.gg/api/public/v1/oauth/token",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "POST",
CURLOPT_POSTFIELDS => "grant_type=%3Cstring%3E&code=%3Cstring%3E&redirect_uri=%3Cstring%3E&code_verifier=%3Cstring%3E&refresh_token=%3Cstring%3E&scope=%3Cstring%3E&client_id=%3Cstring%3E&client_secret=%3Cstring%3E",
CURLOPT_HTTPHEADER => [
"Content-Type: application/x-www-form-urlencoded"
],
]);

$response = curl_exec($curl);
$err = curl_error($curl);

curl_close($curl);

if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}
package main

import (
"fmt"
"strings"
"net/http"
"io"
)

func main() {

url := "https://api.flexslot.gg/api/public/v1/oauth/token"

payload := strings.NewReader("grant_type=%3Cstring%3E&code=%3Cstring%3E&redirect_uri=%3Cstring%3E&code_verifier=%3Cstring%3E&refresh_token=%3Cstring%3E&scope=%3Cstring%3E&client_id=%3Cstring%3E&client_secret=%3Cstring%3E")

req, _ := http.NewRequest("POST", url, payload)

req.Header.Add("Content-Type", "application/x-www-form-urlencoded")

res, _ := http.DefaultClient.Do(req)

defer res.Body.Close()
body, _ := io.ReadAll(res.Body)

fmt.Println(string(body))

}
HttpResponse<String> response = Unirest.post("https://api.flexslot.gg/api/public/v1/oauth/token")
.header("Content-Type", "application/x-www-form-urlencoded")
.body("grant_type=%3Cstring%3E&code=%3Cstring%3E&redirect_uri=%3Cstring%3E&code_verifier=%3Cstring%3E&refresh_token=%3Cstring%3E&scope=%3Cstring%3E&client_id=%3Cstring%3E&client_secret=%3Cstring%3E")
.asString();
require 'uri'
require 'net/http'

url = URI("https://api.flexslot.gg/api/public/v1/oauth/token")

http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true

request = Net::HTTP::Post.new(url)
request["Content-Type"] = 'application/x-www-form-urlencoded'
request.body = "grant_type=%3Cstring%3E&code=%3Cstring%3E&redirect_uri=%3Cstring%3E&code_verifier=%3Cstring%3E&refresh_token=%3Cstring%3E&scope=%3Cstring%3E&client_id=%3Cstring%3E&client_secret=%3Cstring%3E"

response = http.request(request)
puts response.read_body
{
  "access_token": "<string>",
  "token_type": "<string>",
  "expires_in": 123,
  "refresh_token": "<string>",
  "scope": "<string>"
}
{
"error": "<string>",
"error_description": "<string>"
}
{
"error": "<string>",
"error_description": "<string>"
}

Body

application/x-www-form-urlencoded
grant_type
string
required

'authorization_code' or 'refresh_token'.

Minimum string length: 1
code
string

Authorization-code grant only.

Minimum string length: 1
redirect_uri
string

Authorization-code grant only.

Minimum string length: 1
code_verifier
string

Authorization-code grant only (PKCE).

Minimum string length: 1
refresh_token
string

Refresh-token grant only.

Minimum string length: 1
scope
string

Optional refresh-token scope narrowing.

Minimum string length: 1
client_id
string

When not using HTTP Basic.

Minimum string length: 1
client_secret
string

Confidential client only.

Minimum string length: 1

Response

access_token
string
required
token_type
string
required
expires_in
integer
required
refresh_token
string
required
scope
string
required