Qodex.ai

OAuth2.0 v2 - Get Auth code

GET https://account.withings.com/oauth2_user/authorize2?response_type=code&client_id={{client_id}}&redirect_uri={{oauth2_redirect_uri}}&state={{state}}&scope={{scope}}

OAuth 2.0 - Get your authorization code

Use the authorize method which will construct a URL and redirect to it. It will ask the user for permissions. The user will be able to sign up for a new account or to sign in with their existing account.

When the user has accepted, he is redirected to your application (using the redirect_uri) with the authorization code and the state passed as URL parameters.

Important:

  • Must be called as GET call.
  • The authorization code is valid for 30 seconds.

More information about this webservice can be found in our API reference.

Getting your first access_token using Qodex

Let's have a look at the steps to get your first user acccess_token using Qodex. You'll need to have access to a user account in order to complete this flow. We recommend using a sample user created beforehand on https://account.withings.com.

Step 1

  1. Go to the Public API collection and click on OAuth2.0 v2 - Get Auth Code
  2. Click the send button. Parameters in the URL will be filled automatically based on you environment variables.
  3. Select the Code snippet button from Qodex righthand side bar.
  4. Copy the URL that was generated by Qodex by using your environment variables

Step 2

  1. Open the URL built in step 1 to your favorite web browser.
  2. Login with a user account. Follow the OAuth2.0 flow and authorize your application to access the user account.

Step 3

Your callbackURL is called at the end of the flow with the user authorization code passed as a parameter. Copy this code from the URL.

WARNING: the authorization code is valid for 30 seconds only, so once Step 3 is complete you should quickly proceed with Step 4 and 5.

Step 4

  1. Click Qodex environment menu item
  2. Select your active Withings environment
  3. Replace the code variable with the one you obtained in Step 3
  4. Don't forget to Save!

Step 5

  1. Go back to the Public API Integration Collection
  2. Select the OAuth2.0 v2 - Get access token request and click Send

If you managed to perform steps 3, 4 and 5 in less than 30s, then congratulations: you've generated a valid access_token and refresh_token for this user ! 🎉

Next time your access_token expires, you just need to call the OAuth2.0 v2 - Get refresh token request in order to refresh it.

Request Params

KeyDatatypeRequiredDescription
response_typestringDO NOT CHANGE
client_idstringAvailable on your developer dashboard https://developer.withings.com/dashboard/
redirect_uristringAvailable on your developer dashboard https://developer.withings.com/dashboard/
statestringRandomly generated in the Pre-request script
scopestringAvailable scopes on https://developer.withings.com/oauth2/