To authenticate a user, direct them to the following URL:

https://untappd.com/oauth/authenticate/?client_id=CLIENTID&response_type=code&redirect_url=REDIRECT_URL

Notice: We optional support the state parameter that can be used in the request like below to prevent Cross-site Request Forgery. Simple pass the state paramater in the authentication URL like &state=STATEVALUE to enable this. The state paramater will be returned in the URL below as well once authentication occurs for you to validate.

After the user has authenticated and authorized the application, we will redirect back to the following URL:

http://REDIRECT_URL?code=CODE

Note: Your Redirect URL (also known as the Callback URL) is set up in your App Settings. You can change it anytime by going to your dashboard and clicking the Edit link next to link. This a required paramater for all apps that use authentication.

Taking the code paramater and then pass it back to the following address via GET (pass parameters via the Query String). Ensure that the REDIRECT_URL you supply in this call, is the same that was supplied in the authenticate call:

https://untappd.com/oauth/authorize/?client_id=CLIENTID&client_secret=CLIENTSECRET&response_type=code&redirect_url=REDIRECT_URL&code=CODE