OAuth 2.0 from the Command Line
In this tutorial, I’ll show you how to write a command line script which is able to complete the OAuth exchange all without any copying and pasting long strings! Why? Because it’s mildly useful, but most importantly, because it’s fun!
Daniel Houston
I’m a little confused by this post because I was under the impression that the OAuth2 Authorization Flow with PKCE was supposed to be used for native applications. Why not use it for a CLI as well?
Florian Kempenich
Hi,
I have a quick question: This flow seems to involve storing the client_secret on the client side, where the cli app resides. Isn’t that a problem? I am new to OAuth, but aren’t we supposed to keep the client_secret… secret?
Thx
Micah
Fair point. The client credentials flow is for operations that don’t involve an end user - like a batch or automated process. This is really for demo purposes and is not terribly prsctical 
I’m working on an upcoming post on the authorization code flow with PKCE from the command line, which is meant for native, mobile and web apps without a client secret.
Micah
Fair point. The client credentials flow is for operations that don’t involve an end user - like a batch or automated process. This is really for demo purposes and is not terribly prsctical
I’m working on an upcoming post on the authorization code flow with PKCE from the command line, which is meant for native, mobile and web apps without a client secret.
Jimmy Zimmerman
https://github.com/jimmyz/o…
This adaptation of the script has been modified for use with FamilySearch’s API, but it includes PKCE code verifier and challenge.
Huijing Huang
Hi @afitnerd, have you done writing the post that you mentioned? Where can I find it? Thanks!