{"_id":"55121961a575b32f007c79f1","project":"550a379f635c660d00527fd8","version":{"_id":"550ada9d921b7d0d00228876","forked_from":"550a3b2542fff40d00ae5ffb","project":"550a379f635c660d00527fd8","__v":3,"createdAt":"2015-03-19T14:18:05.245Z","releaseDate":"2015-03-19T14:18:05.245Z","categories":["550ada9d921b7d0d00228877","550ada9d921b7d0d00228878","550ada9d921b7d0d00228879","550ada9d921b7d0d0022887a","550ada9d921b7d0d0022887b","550ada9d921b7d0d0022887c","550ada9d921b7d0d0022887d","5523e61e71c0542100993493","55246f72ccc28a0d0062c560"],"is_deprecated":false,"is_hidden":false,"is_beta":false,"is_stable":true,"codename":"","version_clean":"3.0.0","version":"3.0.0"},"category":{"_id":"550ada9d921b7d0d00228878","version":"550ada9d921b7d0d00228876","__v":4,"pages":["550ada9e921b7d0d0022888c","550ada9e921b7d0d0022888d","550ada9e921b7d0d0022888e","550ada9e921b7d0d0022888f","55121961a575b32f007c79f1","55297f32b316811900149fac","5595b553f4437019002888fc"],"project":"550a379f635c660d00527fd8","sync":{"url":"","isSync":false},"reference":false,"createdAt":"2015-03-19T02:45:48.278Z","from_sync":false,"order":2,"slug":"authentication","title":"Authentication"},"user":"550a378e635c660d00527fd7","__v":16,"updates":[],"next":{"pages":[],"description":""},"createdAt":"2015-03-25T02:11:45.342Z","link_external":false,"link_url":"","githubsync":"","sync_unique":"","hidden":false,"api":{"results":{"codes":[]},"auth":"required","params":[],"url":""},"isReference":false,"order":1,"body":"[block:callout]\n{\n  \"type\": \"info\",\n  \"title\": \"Notes\",\n  \"body\": \"Application Only OAuth is an unauthenticated form of OAuth. To authenticate with a user, choose a different OAuth type. Read the [OAuth Overview](doc:oauth-overview) for more information.\"\n}\n[/block]\n## What is it?\n\nIt is basically unauthenticated (as in with a user) form of OAuth.\n\n## When it is used?\n\nApplication only OAuth is used in the following situations:\n\n- Bypassing authentication for a call (See [Call Context Options](doc:call-context-options))\n- In `implicit` and `explicit` OAuth types before calling `reddit.auth`\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"Making use of Application only OAuth\"\n}\n[/block]\nTo make use of Application only OAuth, simply use the OAuth type `'explicit'` or `'implicit'` and **do not** call the `reddit.auth` function.\n\nThere is a difference between using `'explicit'` vs `'implicit'` OAuth types when it comes to Application only OAuth. Make sure to use the correct one if making an application that will never \"log in\" and be 100% Application only OAuth.\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"App type: Installed (does not have a secret)\"\n}\n[/block]\nThis app type when using Application only OAuth can act on the behalf of *one or more \"logged out\" users*.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"var Snoocore = require('snoocore');\\n\\nvar reddit = new Snoocore({\\n  userAgent: 'test:::at:::documentation',\\n  oauth: {\\n    type: 'implicit',\\n    key: 'T_PGcjtzQ_QB0Q',\\n    redirectUri: 'http://localhost:8000',\\n    scope: [ 'read' ],\\n    deviceId: 'DO_NOT_TRACK_THIS_DEVICE' // see below\\n  }\\n});\\n\\n// Using Implicit Application only OAuth\\nreddit('/hot').get().then(console.log);\",\n      \"language\": \"javascript\"\n    }\n  ]\n}\n[/block]\n## `oauth.deviceId`\n\nThis section is modified from reddit's [OAuth2](https://github.com/reddit/reddit/wiki/OAuth2#application-only-oauth) documentation.\n\n> What value should I use for device_id?\n\nGenerate and save unique ID on your client. The ID should be unique per-device or per-user of your app. A randomized or pseudo-randomized value is acceptable for generating the ID; however, you should retain and re-use the same `device_id` when renewing your access token. For example:\n\n**iOS**\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"NSString* uuid = [[NSUUID UUID] UUIDString];\",\n      \"language\": \"objectivec\"\n    }\n  ]\n}\n[/block]\n**Android**\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"import java.util.UUID;\\nString uuid = UUID.randomUUID().toString();\",\n      \"language\": \"java\"\n    }\n  ]\n}\n[/block]\n**Do not** use any personally identifiable information (including non-user-resettable information, such as Android's TelephonyManager.getDeviceId() or Apple's IDFA).\n\nreddit may choose to use this device ID to generate aggregate data about user counts. Clients that wish to remain anonymous should use the value `'DO_NOT_TRACK_THIS_DEVICE'`.\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"App type: Explicit (keeps a secret)\"\n}\n[/block]\nThis app type when using Application only OAuth **does not** act on behalf of one or more logged out users.\n[block:code]\n{\n  \"codes\": [\n    {\n      \"code\": \"var Snoocore = require('snoocore');\\n\\nvar reddit = new Snoocore({\\n  userAgent: 'test@documentation',\\n  oauth: {\\n    type: 'explicit',\\n    key: '',\\n    secret: '',\\n    redirectUri: 'http://localhost:8000',\\n    scope: [ 'read' ]\\n    // Does not have a deviceId!\\n  }\\n});\\n\\n// Using Explicit Application only OAuth\\nreddit('/hot').get().then(console.log);\\n\",\n      \"language\": \"javascript\"\n    }\n  ]\n}\n[/block]\n\n[block:api-header]\n{\n  \"type\": \"basic\",\n  \"title\": \"References & Further information\"\n}\n[/block]\nRefer to reddit's [OAuth2 documentation](https://github.com/reddit/reddit/wiki/OAuth2#application-only-oauth).","excerpt":"","slug":"oauth-application-only","type":"basic","title":"Application Only OAuth"}

Application Only OAuth


[block:callout] { "type": "info", "title": "Notes", "body": "Application Only OAuth is an unauthenticated form of OAuth. To authenticate with a user, choose a different OAuth type. Read the [OAuth Overview](doc:oauth-overview) for more information." } [/block] ## What is it? It is basically unauthenticated (as in with a user) form of OAuth. ## When it is used? Application only OAuth is used in the following situations: - Bypassing authentication for a call (See [Call Context Options](doc:call-context-options)) - In `implicit` and `explicit` OAuth types before calling `reddit.auth` [block:api-header] { "type": "basic", "title": "Making use of Application only OAuth" } [/block] To make use of Application only OAuth, simply use the OAuth type `'explicit'` or `'implicit'` and **do not** call the `reddit.auth` function. There is a difference between using `'explicit'` vs `'implicit'` OAuth types when it comes to Application only OAuth. Make sure to use the correct one if making an application that will never "log in" and be 100% Application only OAuth. [block:api-header] { "type": "basic", "title": "App type: Installed (does not have a secret)" } [/block] This app type when using Application only OAuth can act on the behalf of *one or more "logged out" users*. [block:code] { "codes": [ { "code": "var Snoocore = require('snoocore');\n\nvar reddit = new Snoocore({\n userAgent: 'test@documentation',\n oauth: {\n type: 'implicit',\n key: 'T_PGcjtzQ_QB0Q',\n redirectUri: 'http://localhost:8000',\n scope: [ 'read' ],\n deviceId: 'DO_NOT_TRACK_THIS_DEVICE' // see below\n }\n});\n\n// Using Implicit Application only OAuth\nreddit('/hot').get().then(console.log);", "language": "javascript" } ] } [/block] ## `oauth.deviceId` This section is modified from reddit's [OAuth2](https://github.com/reddit/reddit/wiki/OAuth2#application-only-oauth) documentation. > What value should I use for device_id? Generate and save unique ID on your client. The ID should be unique per-device or per-user of your app. A randomized or pseudo-randomized value is acceptable for generating the ID; however, you should retain and re-use the same `device_id` when renewing your access token. For example: **iOS** [block:code] { "codes": [ { "code": "NSString* uuid = [[NSUUID UUID] UUIDString];", "language": "objectivec" } ] } [/block] **Android** [block:code] { "codes": [ { "code": "import java.util.UUID;\nString uuid = UUID.randomUUID().toString();", "language": "java" } ] } [/block] **Do not** use any personally identifiable information (including non-user-resettable information, such as Android's TelephonyManager.getDeviceId() or Apple's IDFA). reddit may choose to use this device ID to generate aggregate data about user counts. Clients that wish to remain anonymous should use the value `'DO_NOT_TRACK_THIS_DEVICE'`. [block:api-header] { "type": "basic", "title": "App type: Explicit (keeps a secret)" } [/block] This app type when using Application only OAuth **does not** act on behalf of one or more logged out users. [block:code] { "codes": [ { "code": "var Snoocore = require('snoocore');\n\nvar reddit = new Snoocore({\n userAgent: 'test@documentation',\n oauth: {\n type: 'explicit',\n key: '',\n secret: '',\n redirectUri: 'http://localhost:8000',\n scope: [ 'read' ]\n // Does not have a deviceId!\n }\n});\n\n// Using Explicit Application only OAuth\nreddit('/hot').get().then(console.log);\n", "language": "javascript" } ] } [/block] [block:api-header] { "type": "basic", "title": "References & Further information" } [/block] Refer to reddit's [OAuth2 documentation](https://github.com/reddit/reddit/wiki/OAuth2#application-only-oauth).