Quick Start Guide

Get up and running with TinyRebrand's OAuth 2.0 API in minutes

This guide will walk you through making your first API call using TinyRebrand's OAuth 2.0 implementation. We'll use the Password Grant flow for simplicity, which is perfect for first-party applications.

Prerequisites: You'll need a TinyRebrand account to follow this guide.Sign Up

Step-by-Step Integration

Get Access Token

Authenticate with your TinyRebrand credentials

Make a POST request to the token endpoint with your credentials:

curl -X POST https://api.tinyrebrand.com/api/oauth/token \
  -H "Content-Type: application/json" \
  -d '{
    "grant_type": "password",
    "client_id": "web-client",
    "username": "[email protected]",
    "password": "your-password"
  }'

Handle the Response

Extract the access token from the response

Successful authentication returns an access token:

{
  "status": 200,
  "code": "OK",
  "message": "Login successful",
  "data": {
    "access_token": "at_1234567890abcdef",
    "refresh_token": "rt_abcdef1234567890",
    "token_type": "Bearer",
    "expires_in": 3600,
    "scope": "user:read user:write links:read links:write ...",
    "user": {
      "id": "507f1f77bcf86cd799439011",
      "email": "[email protected]",
      "name": "Your Name"
    },
    "limits": {
      "domains": { "used": 2, "limit": 3 },
      "links": { "used": 150, "limit": 500 }
    }
  }
}

Make Your First API Call

Use the access token to fetch your profile

Include the access token in the Authorization header:

curl -X GET https://api.tinyrebrand.com/api/user/me \
  -H "Authorization: Bearer at_1234567890abcdef"

Success!

You've successfully authenticated and made your first API call

The API will return your user profile:

{
  "status": 200,
  "code": "OK",
  "message": "User fetched successfully",
  "data": {
    "id": "507f1f77bcf86cd799439011",
    "email": "[email protected]",
    "name": "Your Name",
    "isVerified": true,
    "isActive": true,
    "createdAt": "2024-01-15T10:00:00.000Z"
  }
}

Code Examples

Here are complete examples in different programming languages:

// Node.js with fetch
const response = await fetch('https://api.tinyrebrand.com/api/oauth/token', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({
    grant_type: 'password',
    client_id: 'web-client',
    username: '[email protected]',
    password: 'your-password'
  })
});

const tokenData = await response.json();
const accessToken = tokenData.data.access_token;

// Make authenticated request
const userResponse = await fetch('https://api.tinyrebrand.com/api/user/me', {
  headers: { 'Authorization': `Bearer ${accessToken}` }
});

const userData = await userResponse.json();
console.log(userData);

Common Use Cases

First-Party Apps

Use Password Grant for your own applications

Third-Party Apps

Use Authorization Code flow for external integrations

Rate Limits

Important Limits:

• Token requests: 5 per minute
• API requests: 60 per minute
• All requests must use HTTPS

Introduction

Scopes & Permissions