Matrica
  • Matrica
  • Guides
    • Pricing Guide
    • User Guide
      • Getting Started
      • Linking Wallets
      • Linking Socials
      • Customizing Your Profile
      • Bot Commands
      • Privacy Settings
      • /flash
    • Community Guide
      • Getting Started
      • Manage Community
      • Manage Collections
      • Discord Set-Up
        • Invite the Bot
        • Bot commands
        • Snapshots
      • Verification
        • Adding Rules
        • Fungible Token Roles
        • Amount Based Roles
        • Attribute Based Roles
        • Logic Operators
        • Status Based Roles
        • Verified Collection Roles
        • X Username Gating
        • Wallet Address Gating
        • Validator Stake Gating
        • Inscription # Based Roles
        • Royalty Based Roles
      • Telegram Set-Up
        • Invite the Bot
        • Bot Commands
        • Add Requirements
        • Invite Links
      • Sales Bot and Web-hooks
        • Discord Sales and Listings
        • Telegram Sales
      • Events
        • Create Event
        • Location
        • Requirements
        • Ticketing
      • Proposals
      • Customer Support
      • Staking Support
      • Add-Ons
    • Enterprise
  • Matrica Connect
    • Matrica Connect Overview
    • Who's Building with Matrica Connect?
    • What is OAuth2?
    • Create your application
    • Initial Redirect
    • Retrieving the Access Token
    • API Reference
  • API Reference
    • API - Getting Started
    • Feed
    • User
    • Wallet
    • Events
    • NFT
    • Snapshot
    • Onboard
    • Search
    • Collection
Powered by GitBook
On this page
  • Getting the code
  • Getting the access token
  • Refresh token
  1. Matrica Connect

Retrieving the Access Token

Getting the code

If the user has accepted the link, we will redirect the flow to your redirect_uri URI with two query string parameters:

  • code: You will need the code to make an API call to retrieve the access token.

  • state(optional): The state params that you passed in the previous redirect (if any).

Note: if the user has denied the request, we will redirect to your redirect_uri URI with the error access_denied. The code has a short expiration time (~ 1minute).

Getting the access token

Now that you have a valid code, you can make a request to POST https://api.matrica.io/oauth2/tokenwith these params:

  • grant_type : Must be set to authorization_code

  • code : The code that you received.

  • redirect_uri : The callback redirect URI originally requested.

  • client_id : Your application ID.

  • client_secret (optional): Only if your application is set to "Private".

  • code_verifier : PKCE code verifier.

Content-Type must be application/x-www-form-urlencoded

If everything matches up, the API call will respond with this JSON object:

{
    "access_token": "qwertyuio123456",
    "token_type": "Bearer",
    "refresh_token": "qwertyuiopasdfghjk",
    "expires_in": 3600,
    "scope": "profile"
}            

Refresh token

Store the refresh_token safely and use it to get a new access_token once it has expired by calling POST https://api.matrica.io/oauth2/token with these params:

  • refresh_token : The refresh token.

  • grant_type : Must be set to refresh_token.

  • client_id : Your application ID.

  • client_secret (optional): Only if your application is "Private".

PreviousInitial RedirectNextAPI Reference

Last updated 7 months ago

You can use the access_token to make calls to the OAuth 2.0 APIs (see ) and get the information you have access to (depending on the scopes).

here