OAuth Overview
Allow users to authorize your application to access TikTok LIVE data on their behalf using the Euler Stream OAuth system.
The Euler Stream OAuth system enables third-party applications to securely access TikTok LIVE functionality on behalf of users. Instead of requiring users to share their TikTok session credentials directly, OAuth provides a secure, standardized authorization flow.
What is Euler Stream OAuth?
Euler Stream OAuth implements the industry-standard OAuth 2.0 Authorization Code flow with a TikTok-specific twist: users authenticate by scanning a QR code with their TikTok mobile app, ensuring secure credential handling without password exposure.
Key Benefits
- User Control: Users explicitly approve what permissions your app receives
- Security: TikTok credentials never touch your servers
- Revocable: Users can revoke access at any time
- Scoped Access: Request only the permissions your application needs
Quick Start
1. Create an OAuth Client
Navigate to Dashboard → OAuth and create a new OAuth client. You'll receive:
- Client ID: Public identifier for your application
- Client Secret: Keep this secret! Used for token exchange
2. Redirect Users to Authorize
Send users to the authorization endpoint:
https://www.eulerstream.com/tiktok/oauth/authorize?
client_id=YOUR_CLIENT_ID
&redirect_uri=https://yourapp.com/callback
&response_type=code
&scope=webcast:fetch webcast:live_check
&state=RANDOM_CSRF_TOKEN
3. Handle the Callback
After authorization, users are redirected to your redirect_uri with an authorization code:
https://yourapp.com/callback?code=AUTHORIZATION_CODE&state=RANDOM_CSRF_TOKEN
4. Exchange Code for Tokens
Exchange the authorization code for access and refresh tokens:
const response = await fetch('https://tiktok.eulerstream.com/tiktok/oauth/token', {
method: 'POST',
headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
body: new URLSearchParams({
grant_type: 'authorization_code',
code: authorizationCode,
redirect_uri: 'https://yourapp.com/callback',
client_id: 'YOUR_CLIENT_ID',
client_secret: 'YOUR_CLIENT_SECRET',
}),
});
const tokens = await response.json();
// {
// access_token: "...",
// refresh_token: "...",
// token_type: "Bearer",
// expires_in: 3600,
// scope: "webcast:fetch webcast:live_check"
// }5. Make API Requests
Use the access token to make authenticated requests:
const response = await fetch('https://tiktok.eulerstream.com/webcast/fetch', {
headers: {
'Authorization': `Bearer ${accessToken}`,
},
// ... request body
});Token Expiration Summary
| Token Type | Lifetime | Action Required |
|---|---|---|
| Access Token | 1 hour | Refresh using refresh token |
| Refresh Token | 30 days | User must re-authorize |
Important: Users must re-authenticate every 30 days when the refresh token expires. Plan your application to handle this gracefully.
Integration Endpoints
| Endpoint | URL | Purpose |
|---|---|---|
| Authorization | https://www.eulerstream.com/tiktok/oauth/authorize | Start OAuth flow |
| Token | https://tiktok.eulerstream.com/tiktok/oauth/token | Exchange codes/refresh tokens |
| Revoke | https://tiktok.eulerstream.com/tiktok/oauth/revoke | Revoke tokens |
Next Steps
- Authorization Flow - Detailed walkthrough of the OAuth flow
- Available Scopes - Learn about available permissions
- Token Lifecycle - Manage token expiration and refresh
- Security Model - Understand our security architecture
- Error Handling - Handle errors gracefully