Since January 2016 figshare supports the OAuth 2.0 Authorization Framework. If you're new to OAuth make sure you have at least a basic understanding before moving on.
To receive a client id and secret you need to register an application in our system. You can easily do this from the figshare applications page in your account.
User is redirected back to
redirect_uri with the following params
added to the query:
Error as described in rfc6749#220.127.116.11:
The token endpoint is located at
In order to receive an access token you need to make a
To get info about an existing access token use the
GET method with the usual authorization means.
Then endpoint accepts both
application/json content types. It will only respond with JSON
and, based on the value of
Successful responses are always
200 and failed ones are always
even for failed authorization.
Success response is a JSON as described in http://tools.ietf.org/html/rfc6749#section-5.1.
scope- not available yet
Error response as described in rfc6749#section-5.2
Currently the only scope available is
all which grants full access to
the resource owner's data. We're working on a more flexible approach.
The supported grant types at this moment are: