The ChangeTip API requires authentication, which can be provided via an access token. For application developers, we also provide OAuth2 Access, so your users can login using ChangeTip and give your application approval to carry out actions on the user's behalf.
Register an application with us to gain access to the ChangeTip API endpoints.
You will receive an access token which you can use to access your own data as well as any user's data that your application has been given permission to access.
Once you have an access token, you may append it to the url as a query string parameter named
$ curl https://api.changetip.com/v2/currencies/?access_token=<your_access_token>
or send it in an authentication header:
$ curl -H "Authorization: Bearer <your_access_token>" https://api.changetip.com/v2/currencies/
The security and privacy of our users is of paramount importance at ChangeTip. We want to ensure that users of any applications developed with our API are informed about what they may be sharing. For that reason, ChangeTip offers a variety of permissions, called scopes, that an application may request access to.
Not all ChangeTip applications require every scope that we offer, and it is a best practice to only request the scopes that your application will actually utilize. The user will be presented with a list of scopes your application is requesting, so keeping it down to only those that your application will use is valuable in ensuring users’ comfort with approving your application.
To specify the scopes you want to request, simply add a “scope” parameter in the authorization URL with a list of scopes separated by spaces.
&scope=read_user_basic%20read_user_full would be appended to your authorization URL to request only the two read_user scopes.
In order to protect our users' privacy, some of the scopes in our API apply only to the owner of the application, and not all of its end users. For example,
read_all_tips_on_channel is not an endpoint that end users likely need to make requests to. If your application wants to access
The scopes that ChangeTip offers are outlined below. Note that scopes marked in dark red are considered “elevated” scopes, and require ChangeTip’s approval before they’ll work for authorized users of your application. However, in order to allow you to start developing right away, they’ll work on your own user account.
OAuth2 is an authentication standard which allows your application to receive a user's permission to act on their behalf. Using OAuth2, your application will receive an access token, which grants you permissions to perform user approved actions.
Actions include activities such as allowing a user to login to your application with their ChangeTip account, viewing their balance, processing tips for them, automatic withdrawals, etc.
Client Secret, as these will be placed in the settings for that library. At this time, you'll want to enter ChangeTip's
Authorization URL(https://www.changetip.com/o/authorize/) and
Token URL(https://www.changetip.com/o/token/) in your settings as well.
Maintaining access to the application:
access_token, your OAuth client library (or custom code you wrote) should save the
refresh_tokenthat comes back with your
refresh_tokenparameter and the value stored earlier. The
POSTparameters, then, would look something like:
The open source library you choose will handle the vast majority of the heavy lifting for you, including generating the authorization URL and exchanging grants and tokens - all you'll need to do is put in the proper settings. However, if you're interested in learning more about the intricacies of OAuth2, we recommend this excellent simplified explanation of OAuth2.
Here, we walk you through an example oauth2 application, written in python / django.