I need help with problem. I have website integrated with Stocktwits using omniauth-stocktwits gem. I want to use Stocktwits API to fetch commentary stream. So, I need access_token!
After user authorizes my App at StockTwits I see that I get redirect to my /callback URL with "code" parameter. As I can see in omniauth code this "code" field dont' used for anything. So I decided to try to get access_token how it recommended in api documentation:
curl -X POST https://api.stocktwits.com/api/2/oauth/token -d 'client_id=MY_CLIENT_ID&client_secret=MY_SECRET&code=CODE_FROM_REDIRECT_PARAMS&grant_type=authorization_code&redirect_uri=http://my.site.url'
I was trying many times. With gurl, with HTTParty (my site written in Ruby) - one result:
"errors"=>["code doesn't exist or has expired"]}
or {"response":{"status":403},"errors":[{"message":"Permission denied"}]}
I really sure that all scopes was used and I authorizesa app to read streams, so what permissions are denied I have no idea...
I dont' know how code can be expired if I just get it :(
Where is error? How can I get access_token? Please, any help will be good :)
That is the correct flow and the right end-point to get the access token once you have the code. Here's our authentication flow: http://stocktwits.com/developers/docs/authentication
I'm not sure why you're getting an invalid code, could you try getting the user's code without the omniauth gem? Or try teaching out to the omniauth-stocktwits gem author: https://github.com/jesseyoungmann/omniauth-stocktwits