Exchange Code For An Access Token

To obtain an access token, make an HTTP GET request to this LaunchKey OAuth endpoint.


End Point


Required Parameters

client_id:Service Key of your Service. This is found on the Keys tab of your Service details in the LaunchKey Dashboard.
client_secret:The unique secret key found on your Service settings page. Ensure this remains completely secret!
redirect_uri:The URI a user will be redirected to after authorization. This URI will capture the access token and store the token along with the user's login status.
code:Unique string received from the Login dialogue redirect.


Your Secret Key, which is used for the OAuth client_secret, should never be included in any client-side code or within binaries that could be decompiled. To ensure your service is secure, it is extremely important that the Secret Key remains completely secret.




If successful, the response will have the status code of 200 and a JSON object in the body with the attributes specified below.


access_token:The authenticating element for a user's session
expires_in:Seconds until expiration
refresh_token:Used to refresh session and get a new access_token without going through the entire authorization flow again
user:Unique code identifying a specific user; this code will always be the same for that particular LaunchKey user


    "access_token": "ACCESS_TOKEN",
    "token_type": "Bearer",
    "expires_in": 3600,
    "user": "USER_HASH",
    "refresh_token": "REFRESH_TOKEN"

User Contributed

LaunchKey links to user contributed code as a resource to its community. LaunchKey does not in any way guarantee or warrant the quality and security of these code bases. User contributed code is supported by the creators. If you do find a link from the site to user contributed code that is malicious or inappropriate in any way, please report that link to LaunchKey immediately and we will investigate the claim. Submit any issue to LaunchKey support at ×