How to use the API with a member account.

You have three different methods offered for member identification — which allows you to obtain a token to perform actions on their account.

OAuth 2.0

This is the most recommended method, compatible with OAuth 2.0 libraries available in most languages.

Send the user to the authorization page where they must log in:

With the following GET parameters:

  • client_id: Your API key.
  • redirect_uri: The URI to redirect the client to process the authorization code.

Once the client is identified, they are redirected to redirect_uri with the GET parameter code. On this page, you must call the API to retrieve the user token:


With the following POST parameters:

  • client_id: Your API key.
  • client_secret: The secret key provided in your key information.
  • redirect_uri: The callback address you had already provided for the first part.
  • code: Code retrieved by the first part of the identification.

The API then returns the user token in this form:


Identification by code

If your application is installed on a device with limited writing capabilities (like a television), it is possible for you to offer your user to identify themselves by typing a code on another device, like their smartphone or computer.

For this, you must first call the method /oauth/device to have the information to display to your user:


The return will be similar to this:

    "device_code": "1c2b45bb95ca670a2fca54ddc9a58b63",
    "expires_in": 1800,
    "interval": 5,
    "user_code": "975-820",
    "verification_url": ""

You must display the user_code to your user, indicating to go to verification_url. Meanwhile, your application must periodically call (here every 5 seconds) the API method oauth/access_token waiting for identification.


With the following POST parameters:

  • client_id: Your API key.
  • client_secret: The secret key provided in your key information.
  • code: The device_code returned in the previous method.

As soon as your user is identified, a token will be returned, and you can use the API with their account.

Similar to OAuth

A simpler but non-conventional version of OAuth. First, you must retrieve a key necessary for identification via the API:


Once the key is retrieved, send your user to the identification page:

If the identification is successful, the user will be redirected to the callback URL you configured for the key, with the token as a GET parameter.

Basic identification

This is the first proposed identification, which still works but should always be used in HTTPS since the username and password are sent in the same request.


With the following POST parameters:

  • login: User name or email address
  • password: Password encrypted in MD5

The API then returns the information of the identified member as well as the token you just created.

What’s Next

Take a look at your Developer Dashboard