cancel
Showing results for 
Search instead for 
Did you mean: 

REST request

plazu
Mt. Kenya

Hi

I want to do some REST requests. Is it possible to authorize without having to use the login screen?

2 REPLIES 2

ActivityFix
Elbrus

For the initial app authorization you must use the login screen. As @orbjeff said, that is part of how the OAuth flow works.

Once the app has been authorized, you can use the refresh token provided in the initial OAuth response to get a new access token once the original one expires. Until the user revokes permissions for your app, you can indefinitely get new access tokens without needing to use the login screen.

orbjeff
Shkhara

My understanding is that the Strava API implements the OAuth 2.0 specification. There are multiple authentication flows in this specification and the one you are asking about is called the "Client Credentials" flow. This flow is typically used for machine to machine authentication. The "Authorization Code" flow is what requires the login screen and the reason is because individual users are giving your app permission to post, modify, create activities on that user's behalf. 

There used to be a way to configure an application ("Client Credentials") under you own Strava account in the "Settings" section but I don't see that anymore. Maybe this has changed with some of the API updates.