# Authorizing Rememberizer apps Rememberizer's implementation supports the standard [authorization code grant type](https://tools.ietf.org/html/rfc6749#section-4.1). The web application flow to authorize users for your app is as follows: 1. Users are redirected to Rememberizer to authorize their account. 2. The user chooses mementos to use with your application. 3. Your application accesses the API with the user's access token. Visit [#explore-third-party-apps-and-service](https://docs.rememberizer.ai/personal-use/integrations/manage-third-party-apps#explore-third-party-apps-and-service "mention") page to see the UI example of the flow. Coming soon: OAuth2 Authorization Flow Diagram This sequence diagram will illustrate the complete OAuth2 flow between: * User's browser * Your application (client) * Rememberizer authorization server * Rememberizer API resources The diagram will show the exchange of authorization codes, tokens, and API requests across all steps of the process. ### Step 1. Request a user's Rememberizer identity Redirect the user to the Rememberizer authorization server to initiate the authentication and authorization process. ``` GET https://api.rememberizer.ai/api/v1/auth/oauth2/authorize/ ``` Parameters:
namedescription
client_idRequired
The client ID for your application. You can find this value in the Developer. Click Developer on the top-left corner. In the list of registered apps, click on your app and you will see the client ID in App Credentials.
response_typeRequired
Must be code for authorization code grants.
scope

Optional

A space-delimited list of scopes that identify the resources that your application could access on the user's behalf.

redirect_uriRequired
The URL in your application where users will be sent after authorization.
state

Required

An opaque value used by the client to maintain state between the request and callback. The authorization server includes this value when redirecting the user-agent back to the client.

### Step 2. User choose and config their mementos Users will choose which mementos to use with your app. ### Step 3. Users are redirected back to your site by Rememberizer After users select their mementos, Rememberizer redirects back to your site with a temporary `code` parameter as well as the state you provided in the previous step in a `state` parameter. The temporary code will expire after a short time. If the states don't match, a third party created the request, and you should abort the process. ### Step 4. Exchange authorization code for refresh and access tokens ``` POST https://api.rememberizer.ai/api/v1/auth/oauth2/token/ ``` This endpoint takes the following input parameters.
namedescription
client_idRequired
The client ID for your application. You can find this value in the Developer. Instruction to find this ID is in step 1.
client_secretRequired
The client secret you received from Rememberizer for your application.
codeThe authorization code you received in step 3.
redirect_uriRequired
The URL in your application where users are sent after authorization. Must match with the redirect_uri in step 1.
### Step 5. Use the access token to access the API The access token allows you to make requests to the API on a user's behalf. ``` Authorization: Bearer OAUTH-TOKEN GET https://api.rememberizer.ai/api/me/ ``` For example, in curl you can set the Authorization header like this: ```shell curl -H "Authorization: Bearer OAUTH-TOKEN" https://api.rememberizer.ai/api/me/ ``` ## References Github: