
discord oauth2 api call returns "405: Method Not Allowed"


I'm making a website where a user can log in with their Discord account.

I'm making an API call that looks like this:

https://discordapp.com/api/oauth2/token?grant_type=authorization_code&client_id=791748434310201344&client_secret=superSecretID&redirect_uri=mywebsite%2Fprotocols%2Fadd_discord.php&code=KI5LYgKj7QuO3oBkddXQW6SnJbg17K&scope=identify

I was expecting a return like this:

{
  "access_token": "6qrZcUqja7812RVdnEKjpzOL4CvHBFG",
  "token_type": "Bearer",
  "expires_in": 604800,
  "scope": "identify"
}

But instead, I got:

{"message": "405: Method Not Allowed", "code": 0}

I've been looking at the Discord oauth2 documentation for a while now, but I can't figure it out.


Solution

  • Make sure you're making a POST request; other methods (like GET) are not allowed.

    If you run the snippet below, you can see that with GET you're receiving a "method not allowed" error, while with POST it's just complaining about the invalid client_id:

    fetch('https://discordapp.com/api/oauth2/token?grant_type=authorization_code&client_id=CLIENTID&client_secret=superSecretID&redirect_uri=http%3A%2F%2Flocalhost%2Fadd_discord.php&code=xxx&scope=identify', {
        method: 'GET'
      })
      .then(res => res.json())
      .then(res => console.log({
        method: 'GET',
        res
      }))
      
    fetch('https://discordapp.com/api/oauth2/token?grant_type=authorization_code&client_id=CLIENTID&client_secret=superSecretID&redirect_uri=http%3A%2F%2Flocalhost%2Fadd_discord.php&code=xxx&scope=identify', {
        method: 'POST'
      })
      .then(res => res.json())
      .then(res => console.log({
        method: 'POST',
        res
      }))
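
Added example, not part of the original answer: a server-side (Node 18+) form of the same token exchange that uses POST and puts the parameters in an `application/x-www-form-urlencoded` body, as RFC 6749 section 4.1.3 specifies, so the `client_secret` and `code` stay out of URLs (which end up in logs and history) and out of browser code. The function names and sample values are assumptions for illustration; the endpoint is the one used above.

```javascript
// Added example (not from the original answer). Run this on the server only:
// the client_secret must never be shipped to browser JavaScript.
const TOKEN_URL = 'https://discordapp.com/api/oauth2/token'; // endpoint as used on this page

// Build the request so that no credential appears in the URL.
// buildTokenRequest and its parameter names are hypothetical helpers.
function buildTokenRequest({ clientId, clientSecret, redirectUri, code }) {
  for (const [name, value] of Object.entries({ clientId, clientSecret, redirectUri, code })) {
    if (typeof value !== 'string' || value === '') {
      throw new TypeError(`missing parameter: ${name}`);
    }
  }
  // URLSearchParams percent-encodes each value, including the redirect URI.
  const body = new URLSearchParams({
    grant_type: 'authorization_code',
    client_id: clientId,
    client_secret: clientSecret,
    redirect_uri: redirectUri,
    code,
  });
  return {
    url: TOKEN_URL, // no query string
    options: {
      method: 'POST', // GET is what produced "405: Method Not Allowed"
      headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
      body: body.toString(),
    },
  };
}

// fetchImpl is injectable so the function can be exercised offline with a stub.
async function exchangeCode(params, fetchImpl = globalThis.fetch) {
  const { url, options } = buildTokenRequest(params);
  const res = await fetchImpl(url, options);
  const json = await res.json();
  if (!res.ok) {
    // Report the status and API error only; the request body holds the secret.
    const detail = json.error || json.message || '';
    throw new Error(`token exchange failed: HTTP ${res.status} ${detail}`.trim());
  }
  return json; // { access_token, token_type, expires_in, scope, ... }
}
```
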