OAuth 2 Community Implementation Examples

API Discussion
Members of the developer community have requested examples for OAuth implementations in different languages. We've created a few examples which can be found here, but in recognition of the talented developers in our community, we wanted to invite you to share your own!

Feel free to contribute your own examples of OAuth Client Credentials flow in this thread!
This is a Ruby on Rails sample application showing how to retrieve Wow game data (region and realms only at the moment) using the Ruby gem blizzard_api that I published earlier.


The gem supports both Authorization Code flow and Client Credentials flow and have support to (probably) all endpoints available for all games. The gem is fully documented and source code provides some hints on how the authorization process works.

The actual code for generating an access_token using the Client Credentials flow can be found here

Here is an C# example:

The OAuth POST is done in here

and the result is processed here
Here is a PHP example:

namespace Your\Namespace;

use GuzzleHttp\Client;
use GuzzleHttp\HandlerStack;
use kamermans\OAuth2\GrantType\ClientCredentials;
use kamermans\OAuth2\OAuth2Middleware;

// This client you use to get your token
$tokenClient = new Client([
'base_uri' => 'https://us.battle.net/oauth/token',

$tokenConfig = [
"client_id" => 'your client_id',
"client_secret" => 'your client_secret',

$grant_type = new ClientCredentials($tokenClient, $tokenConfig);
$oauth = new OAuth2Middleware($grant_type);
$stack = HandlerStack::create();


// This client you use to get your wow data, for example a char data
$client = new Client([
'handler' => $stack,
'auth' => 'oauth',

//Build your url, for example to get your char data
$url = 'https://eu.api.blizzard.com/wow/character/' . $realm . '/' . $name;

$response = $client->get($url);

// ...and here ist your json response

You just need to include GuzzleHttp and kamermans\OAuth2 libraries into your projects and are good to go.
I'm trying to figure out how to renew my bearer token with a function through Python. Anyone have any experience with this?
I'm trying to figure out how to renew my bearer token with a function through Python. Anyone have any experience with this?

I'm interacting with the API in Python using rauth module for authentication, but I'm just requesting a fresh token for each session and so far it's working although I realize it's not good practice.
What do you mean by renewing the token? Are you caching it on the server?
If so I'd presume it would be ok to check it's status via /oauth/check_token and request & save a new one if it's expired?
So how do you acquire the token and store it now? What modules are you using?
Since I still am not sure what you intend to do, here's how I would go about poking the token:

# -*- coding: utf-8 -*-

import requests, web, json;
from datetime import datetime as dt;
from rauth import OAuth2Service;

#set up the OAuth thingy with some useful info
bnet = OAuth2Service(
name = 'bnet',
client_id = 'your-client-id-here',
client_secret = 'your-client-secret-here',
access_token_url = 'https://eu.battle.net/oauth/token',
authorize_url = 'https://eu.battle.net/oauth/authorize',
base_url = 'https://eu.api.blizzard.com/' );

#load your existing token here
token = your_load_token_func(); #either from file or database or cookie or whatever

#do a POST request the simplest way
token_check = requests.post( 'https://eu.battle.net/oauth/check_token', data = { 'token': token } );
#now check the response and look for whatever you like
if not token_check.status_code == 200:
#the following is inconsistent, content is sometimes HTML, sometimes JSON
print 'Invald request. Server sent:', token_check.content;
#valid request; check the answer for whatever you want
#for example I will calculate how much time left to the token expiry date
print 'time left on the token:', dt.fromtimestamp( token_check.json()['exp'] ) - dt.now();

#now I don't have an expired token to see what the response is.
#put in the following conditional whatever you need:
if not token or token_expired_func():
#now we make use of the OAuth thingy to acquire the token in a proper way
token = bnet.get_access_token(
decoder = json.loads,
data = { 'grant_type': 'client_credentials' } );

#now having the 100% valid token, we acquire the OAuth session
session = bnet.get_session( token = token );

#and we do all our requests with it like this:
data = session.get(
params = {
'locale': 'en_GB',
'fields': 'items' }
print data['items']['averageItemLevelEquipped'];

And of course save your token after bnet.get_access_token() :)
Very short "extract realms list and pretty print the json" app in GoLang:


The hardest part is to get a valid token:

Join the Conversation

Return to Forum