Developer Portal
App Fundamentals

OAuth2 & Permissions

OAuth2 allows developers to build applications that securely access data from ModVC users.

We support the standard OAuth2 authorization code grant flow. You can use it for two completely different things:

  • Bot Authorization: Letting a server owner add your bot to their server.
  • User Authentication: Letting a user log into your third-party website using their ModVC account (Single Sign-On).

How it works

  1. You redirect the user to ModVC's authorization page (/app/oauth2/authorize).
  2. The user logs into ModVC and approves your application.
  3. ModVC redirects the user back to your website with a temporary code parameter.
  4. Your backend server sends a POST request to exchange that code for an access_token.

Security Warning

Never put your Client Secret in your frontend code. The token exchange must happen on your backend server.