Authorization API


Returns a temporary request token, initiating the OAuth process.


This API returns a temporary request token that begins the OAuth process. The request token must accompany the user to the authorization page, where the user will grant your application limited access to the account. The token expires after five minutes.

HTTP Method: GET

Live URL


Sandbox URL



Property Type Required? Description Allowable Values
oauth_consumer_key header yes The value used by the consumer to identify itself to the service provider.
oauth_timestamp header yes The date and time of the request, in epoch time. Must be accurate within five minutes.
oauth_nonce header yes A nonce, as described in the authorization guide - roughly, an arbitrary or random value that cannot be used again with the same timestamp.
oauth_signature_method header yes The signature method used by the consumer to sign the request. The only supported value is HMAC-SHA1.
oauth_signature header yes Signature generated with the shared secret and token secret using the specified oauth_signature_method, as described in OAuth documentation.
oauth_callback header yes Callback information, as described elsewhere. Must always be set to 'oob', whether using a callback or not.


Status Code Reason Response Model Error Code
200 Successful Operation. OAuthResponse
400 There is issue with input
500 An unexpected error has occurred. The error has been logged and is being investigated.
Property Type Description Possible Values
oauth_token string The consumer's request token
oauth_token_secret string The token secret
oauth_callback_confirmed string Returns true if a callback URL is configured for the current consumer key, otherwise false. Callbacks are described under the Authorize Application API.


Get Request Token Request URL

HTTP header

Authorization: OAuth realm="",oauth_callback="oob",
oauth_signature="FjoSQaFDKEDK1FJazlY3xArNflk%3D", oauth_nonce="LTg2ODUzOTQ5MTEzMTY3MzQwMzE%3D",




  • The request token is only valid for 5 minutes..