Skip to main content

Token

Exchange an authorization code for an access token and refresh token.

Method

client.oauth.token(args: OauthTokenParameters & {
  client_id: string
  client_secret: string
}): Promise<OauthTokenResponse>

Parameters

grant_type
string
required
Either "authorization_code" or "refresh_token".
code
string
The authorization code. Required when grant_type is "authorization_code".
redirect_uri
string
The redirect URI used in the authorization request.
refresh_token
string
The refresh token. Required when grant_type is "refresh_token".
external_account
object
External account information.
client_id
string
required
Your integration’s OAuth client ID.
client_secret
string
required
Your integration’s OAuth client secret.

Response

access_token
string
The access token for making API requests.
token_type
string
Always "bearer".
refresh_token
string | null
The refresh token for obtaining a new access token. null when using refresh_token grant.
bot_id
string
The ID of the bot user.
workspace_id
string
The ID of the workspace.
workspace_name
string | null
The name of the workspace.
workspace_icon
string | null
The icon URL of the workspace.
owner
object
Details about the owner of the integration.
duplicated_template_id
string | null
The ID of the duplicated template, if any.

Example

const response = await client.oauth.token({
  grant_type: "authorization_code",
  code: "auth-code-123",
  redirect_uri: "https://example.com/callback",
  client_id: "your-client-id",
  client_secret: "your-client-secret",
})

console.log(response.access_token)

Introspect

Introspect an access token to check its validity and retrieve metadata.

Method

client.oauth.introspect(args: OauthIntrospectParameters & {
  client_id: string
  client_secret: string
}): Promise<OauthIntrospectResponse>

Parameters

token
string
required
The access token to introspect.
client_id
string
required
Your integration’s OAuth client ID.
client_secret
string
required
Your integration’s OAuth client secret.

Response

active
boolean
Whether the token is currently active.
scope
string
The scopes granted by the token.
iat
number
The timestamp when the token was issued (Unix timestamp).

Example

const response = await client.oauth.introspect({
  token: "access-token-123",
  client_id: "your-client-id",
  client_secret: "your-client-secret",
})

console.log(response.active)

Revoke

Revoke an access token.

Method

client.oauth.revoke(args: OauthRevokeParameters & {
  client_id: string
  client_secret: string
}): Promise<OauthRevokeResponse>

Parameters

token
string
required
The access token to revoke.
client_id
string
required
Your integration’s OAuth client ID.
client_secret
string
required
Your integration’s OAuth client secret.

Response

request_id
string
The ID of the revocation request.

Example

const response = await client.oauth.revoke({
  token: "access-token-123",
  client_id: "your-client-id",
  client_secret: "your-client-secret",
})

console.log("Token revoked successfully")

Build docs developers (and LLMs) love

Get started for freeTalk to us