OAuth

An OAuth token is a type of content management token that can be used when building a public integration that requests access to other Contentful users' data.

Creating an OAuth 2.0 application

If you are creating apps for changing content stored in Contentful, you will need to create a custom OAuth application.

An OAuth 2.0 application has a number of benefits:

  • OAuth 2.0 access tokens are linked to your app.
  • You can request the correct OAuth 2.0 scopes for your application (content_management_read or content_management_manage).
  • You can specify a custom redirect URI that will receive the access token as part of the URI's hash fragment.
  • You can specify a custom name and description.
  • You can specify whether your application is confidential or public.

Create a new OAuth 2.0 application

Requesting an OAuth 2.0 access token

After creating an OAuth 2.0 application, you can use it to request OAuth 2.0 access tokens.

Redirect your users to Contentful's OAuth 2.0 endpoint URI. This will show a web page where logged-in Contentful users can authorize your application to access their content.

https://be.contentful.com/oauth/authorize?response_type=token&client_id=$YOUR_APPS_CLIENT_ID&redirect_uri=$YOUR_APPS_REDIRECT_URL&scope=content_management_manage

After a user has logged in, handle the callback from Contentful to your app redirect URI. This will look similar to the example below, and you can extract the access token from the URI hash fragment.

http://localhost:8080/my-app/#access_token=$CONTENT_MANAGEMENT_API_ACCESS_TOKEN

Keep the extracted access token for future use. You are now able to make Content Management API requests on behalf of the authenticated user.
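
The redirect and callback steps above, as an added JavaScript example (not Contentful's own code). The helper names `buildAuthorizeUrl`, `extractAccessToken` and `consumeTokenFromLocation` are hypothetical; the example percent-encodes the redirect URI, restricts the scope to the two values named on this page, and removes the fragment after reading it so the token does not remain in the address bar or session history.

```javascript
// Added example: these helpers are illustrative, not part of any Contentful SDK.
const AUTHORIZE_ENDPOINT = "https://be.contentful.com/oauth/authorize";
const ALLOWED_SCOPES = ["content_management_read", "content_management_manage"];

// Build the URL the user is redirected to. URLSearchParams percent-encodes
// each value, so a redirect URI containing ":" and "/" is passed intact.
function buildAuthorizeUrl(clientId, redirectUri, scope) {
  if (!ALLOWED_SCOPES.includes(scope)) {
    throw new Error("unsupported scope: " + scope);
  }
  const url = new URL(AUTHORIZE_ENDPOINT);
  url.search = new URLSearchParams({
    response_type: "token",
    client_id: clientId,
    redirect_uri: redirectUri,
    scope: scope,
  }).toString();
  return url.toString();
}

// Extract the access token from the callback URL's hash fragment.
// Returns null when the fragment carries no access_token.
function extractAccessToken(callbackUrl) {
  const fragment = new URL(callbackUrl).hash.replace(/^#/, "");
  const token = new URLSearchParams(fragment).get("access_token");
  return token ? token : null;
}

// In the browser, call as consumeTokenFromLocation(window): read the token
// once, then rewrite the current history entry without the fragment.
function consumeTokenFromLocation(win) {
  const token = extractAccessToken(win.location.href);
  if (token) {
    const clean = win.location.pathname + win.location.search;
    win.history.replaceState(null, "", clean);
  }
  return token;
}
```
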