Desktop Application Authorization Flow
Desktop application flow is a slightly modified version of the client-side flow. Since desktop applications do not normally run their own web servers, we cannot redirect back to the desktop app URL. Instead, we will redirect to an internal url with the returned fields. Desktop applications can listen to the browser URL changes. Once a URL is matched against a special Platform URL, desktop application can get the access token and other parameters from the URL.
Authentication & Authorization
To enter the authentication/authorization desktop client flow, you must point an embedded browser to the authorization url and pass the following parameters:
If the user is already logged in, we validate the login cookie that we have stored on the user's browser and authenticate the user.If the user is not logged in, they are prompted to enter their credentials:
Once we have successfully authenticated the user, we will prompt the user to authorize your application:
If the user presses Don't Allow, your app is not authorized. The user will be redirected (via HTTP 302) to the special URL with the following error information:
If the user presses Allow, your app is authorized. The user will be redirected (via HTTP 302) to the special URL with an authorization code: