---
title: 'OAuth2'
description: 'OAuth2 object schemas from the Fluxer API.'
---
## ApplicationBotResponse
Detailed bot user metadata
| Field | Type | Description |
|-------|------|-------------|
| authenticator_types? | [AuthenticatorType](#authenticatortype)[] | The types of authenticators enabled |
| avatar? | ?string | The avatar hash of the bot |
| banner? | ?string | The banner hash of the bot |
| bio | ?string | The bio or description of the bot |
| discriminator | string | The discriminator of the bot |
| flags | [BotFlags](#botflags) | |
| id | [SnowflakeType](#snowflaketype) | The unique identifier of the bot user |
| mfa_enabled? | boolean | Whether the bot has MFA enabled |
| token? | string | The bot token for authentication |
| username | string | The username of the bot |
## ApplicationCreateRequest
**Related endpoints**
- [`POST /oauth2/applications`](/api-reference/oauth2/create-oauth2-application)
| Field | Type | Description |
|-------|------|-------------|
| bot_public? | boolean | Whether the bot can be invited by anyone |
| bot_require_code_grant? | boolean | Whether the bot requires OAuth2 code grant |
| name | string | The name of the application |
| redirect_uris? | ?[OAuth2RedirectURICreateType](#oauth2redirecturicreatetype)[] | The redirect URIs for OAuth2 flows |
## ApplicationFlags
The application flags
Type: integer (int32)
## ApplicationListResponse
**Related endpoints**
- [`GET /oauth2/applications/@me`](/api-reference/oauth2/list-user-applications)
- [`GET /users/@me/applications`](/api-reference/oauth2/list-user-applications)
Type: [ApplicationResponse](#applicationresponse)[]
## ApplicationPublicResponse
**Related endpoints**
- [`GET /oauth2/applications/{id}/public`](/api-reference/oauth2/get-public-application)
| Field | Type | Description |
|-------|------|-------------|
| bot | ?[ApplicationBotResponse](#applicationbotresponse) | The bot user associated with the application |
| bot_public | boolean | Whether the bot can be invited by anyone |
| description | ?string | The description of the application |
| icon | ?string | The icon hash of the application |
| id | [SnowflakeType](#snowflaketype) | The unique identifier of the application |
| name | string | The name of the application |
| redirect_uris | string[] | The registered redirect URIs for OAuth2 |
| scopes | string[] | The available OAuth2 scopes |
## ApplicationResponse
**Related endpoints**
- [`GET /oauth2/applications/{id}`](/api-reference/oauth2/get-application)
- [`POST /oauth2/applications`](/api-reference/oauth2/create-oauth2-application)
- [`POST /oauth2/applications/{id}/client-secret/reset`](/api-reference/oauth2/reset-client-secret)
- [`PATCH /oauth2/applications/{id}`](/api-reference/oauth2/update-application)
| Field | Type | Description |
|-------|------|-------------|
| bot? | [ApplicationBotResponse](#applicationbotresponse) | |
| bot_public | boolean | Whether the bot can be invited by anyone |
| bot_require_code_grant | boolean | Whether the bot requires OAuth2 code grant |
| client_secret? | string | The client secret for OAuth2 authentication |
| id | [SnowflakeType](#snowflaketype) | The unique identifier of the application |
| name | string | The name of the application |
| redirect_uris | string[] | The registered redirect URIs for OAuth2 |
## ApplicationsMeResponse
**Related endpoints**
- [`GET /applications/@me`](/api-reference/oauth2/list-current-user-applications)
| Field | Type | Description |
|-------|------|-------------|
| bot? | [ApplicationBotResponse](#applicationbotresponse) | |
| bot_public | boolean | Whether the bot can be invited by anyone |
| bot_require_code_grant | boolean | Whether the bot requires OAuth2 code grant |
| description | ?string | The description of the application |
| flags | [ApplicationFlags](#applicationflags) | |
| icon | ?string | The icon hash of the application |
| id | [SnowflakeType](#snowflaketype) | The unique identifier of the application |
| name | string | The name of the application |
## ApplicationUpdateRequest
**Related endpoints**
- [`PATCH /oauth2/applications/{id}`](/api-reference/oauth2/update-application)
| Field | Type | Description |
|-------|------|-------------|
| bot_public? | boolean | Whether the bot can be invited by anyone |
| bot_require_code_grant? | boolean | Whether the bot requires OAuth2 code grant |
| name? | string | The name of the application |
| redirect_uris? | ?[OAuth2RedirectURIUpdateType](#oauth2redirecturiupdatetype)[] | The redirect URIs for OAuth2 flows |
## AuthorizeConsentRequest
**Related endpoints**
- [`POST /oauth2/authorize/consent`](/api-reference/oauth2/grant-oauth2-consent)
| Field | Type | Description |
|-------|------|-------------|
| client_id | [SnowflakeType](#snowflaketype) | |
| guild_id? | [SnowflakeType](#snowflaketype) | |
| permissions? | string | The bot permissions to request |
| redirect_uri? | string | The URI to redirect to after authorization |
| response_type? | string | The OAuth2 response type |
| scope | string | The space-separated list of requested scopes |
| state? | string | A random string for CSRF protection |
## BotFlags
The bot user flags
Type: Bitflags32
| Flag | Value | Description |
|------|-------|-------------|
| FRIENDLY_BOT | `16` | Bot accepts friend requests from users |
| FRIENDLY_BOT_MANUAL_APPROVAL | `32` | Bot requires manual approval for friend requests |
## BotProfileResponse
**Related endpoints**
- [`PATCH /oauth2/applications/{id}/bot`](/api-reference/oauth2/update-bot-profile)
| Field | Type | Description |
|-------|------|-------------|
| avatar | ?string | The avatar hash of the bot |
| banner | ?string | The banner hash of the bot |
| bio | ?string | The bio or description of the bot |
| discriminator | string | The discriminator of the bot |
| id | [SnowflakeType](#snowflaketype) | The unique identifier of the bot user |
| username | string | The username of the bot |
## BotProfileUpdateRequest
**Related endpoints**
- [`PATCH /oauth2/applications/{id}/bot`](/api-reference/oauth2/update-bot-profile)
| Field | Type | Description |
|-------|------|-------------|
| avatar? | ?[Base64ImageType](#base64imagetype) | The avatar image as base64 |
| banner? | ?[Base64ImageType](#base64imagetype) | The banner image as base64 |
| bio? | ?string | The bio or description of the bot |
| bot_flags? | [BotFlags](#botflags) | |
| discriminator? | string | The discriminator of the bot |
| username? | [UsernameType](#usernametype) | |
## BotTokenResetResponse
**Related endpoints**
- [`POST /oauth2/applications/{id}/bot/reset-token`](/api-reference/oauth2/reset-bot-token)
| Field | Type | Description |
|-------|------|-------------|
| bot | [ApplicationBotResponse](#applicationbotresponse) | |
| token | string | The new bot token |
## IntrospectRequestForm
**Related endpoints**
- [`POST /oauth2/introspect`](/api-reference/oauth2/introspect-oauth2-token)
| Field | Type | Description |
|-------|------|-------------|
| client_id? | [SnowflakeType](#snowflaketype) | |
| client_secret? | string | The application client secret |
| token | string | The token to introspect |
## OAuth2AuthorizationResponse
| Field | Type | Description |
|-------|------|-------------|
| application | [OAuth2AuthorizationResponseApplication](#oauth2authorizationresponseapplication) | The application that was authorized |
| authorized_at | string | The timestamp when the authorization was granted |
| scopes | string[] | The list of granted OAuth2 scopes |
## OAuth2AuthorizationsListResponse
**Related endpoints**
- [`GET /oauth2/@me/authorizations`](/api-reference/oauth2/list-user-oauth2-authorizations)
Type: [OAuth2AuthorizationResponse](#oauth2authorizationresponse)[]
## OAuth2ConsentResponse
**Related endpoints**
- [`POST /oauth2/authorize/consent`](/api-reference/oauth2/grant-oauth2-consent)
| Field | Type | Description |
|-------|------|-------------|
| redirect_to | string | The URL to redirect the user to after consent |
## OAuth2IntrospectResponse
**Related endpoints**
- [`POST /oauth2/introspect`](/api-reference/oauth2/introspect-oauth2-token)
| Field | Type | Description |
|-------|------|-------------|
| active | boolean | Whether the token is currently active |
| client_id? | [SnowflakeType](#snowflaketype) | |
| exp? | [Int32Type](#int32type) | |
| iat? | [Int32Type](#int32type) | |
| scope? | string | The space-separated list of scopes |
| sub? | [SnowflakeType](#snowflaketype) | |
| token_type? | string | The type of token |
| username? | string | The username of the token owner |
## OAuth2MeResponse
**Related endpoints**
- [`GET /oauth2/@me`](/api-reference/oauth2/get-current-oauth2-user)
| Field | Type | Description |
|-------|------|-------------|
| application | [OAuth2MeResponseApplication](#oauth2meresponseapplication) | The application associated with the token |
| expires | string | The expiration timestamp of the token |
| scopes | string[] | The list of granted OAuth2 scopes |
| user? | [OAuth2MeResponseUser](#oauth2meresponseuser) | The user associated with the token |
## OAuth2RedirectURICreateType
Type: string
## OAuth2RedirectURIUpdateType
Type: string
## OAuth2TokenResponse
**Related endpoints**
- [`POST /oauth2/token`](/api-reference/oauth2/exchange-oauth2-token)
| Field | Type | Description |
|-------|------|-------------|
| access_token | string | The access token for API authorization |
| expires_in | integer (int32) | The number of seconds until the access token expires |
| refresh_token | string | The refresh token for obtaining new access tokens |
| scope | string | The space-separated list of granted scopes |
| token_type | string | The type of token, typically "Bearer" |
## OAuth2UserInfoResponse
**Related endpoints**
- [`GET /oauth2/userinfo`](/api-reference/oauth2/get-oauth2-user-information)
| Field | Type | Description |
|-------|------|-------------|
| avatar | ?string | The avatar hash of the user |
| discriminator | string | The discriminator of the user |
| email? | ?string | The email address of the user |
| flags? | [PublicUserFlags](#publicuserflags) | |
| global_name | ?string | The global display name of the user |
| id | [SnowflakeType](#snowflaketype) | The unique identifier of the user |
| sub | [SnowflakeType](#snowflaketype) | The subject identifier of the user |
| username | string | The username of the user |
| verified? | ?boolean | Whether the user has verified their email |
## RevokeRequestForm
**Related endpoints**
- [`POST /oauth2/token/revoke`](/api-reference/oauth2/revoke-oauth2-token)
| Field | Type | Description |
|-------|------|-------------|
| client_id? | [SnowflakeType](#snowflaketype) | |
| client_secret? | string | The application client secret |
| token | string | The token to revoke |
| token_type_hint? | [RevokeRequestFormTokenTypeHint](#revokerequestformtokentypehint) | A hint about the type of token being revoked |
## TokenRequest
**Related endpoints**
- [`POST /oauth2/token`](/api-reference/oauth2/exchange-oauth2-token)
Type: [TokenRequestOneOf0](#tokenrequestoneof0) \| [TokenRequestOneOf1](#tokenrequestoneof1)
## RevokeRequestFormTokenTypeHint
A hint about the type of token being revoked
| Value | Description |
|-------|-------------|
| `access_token` | An OAuth2 access token |
| `refresh_token` | An OAuth2 refresh token |
## OAuth2AuthorizationResponseApplication
The application that was authorized
| Field | Type | Description |
|-------|------|-------------|
| bot_public | boolean | Whether the bot can be invited by anyone |
| description | ?string | The description of the application |
| icon | ?string | The icon hash of the application |
| id | [SnowflakeType](#snowflaketype) | The unique identifier of the application |
| name | string | The name of the application |
## OAuth2MeResponseApplication
The application associated with the token
| Field | Type | Description |
|-------|------|-------------|
| bot_public | boolean | Whether the bot can be invited by anyone |
| bot_require_code_grant | boolean | Whether the bot requires OAuth2 code grant |
| description | ?string | The description of the application |
| flags | [ApplicationFlags](#applicationflags) | |
| icon | ?string | The icon hash of the application |
| id | [SnowflakeType](#snowflaketype) | The unique identifier of the application |
| name | string | The name of the application |
## OAuth2MeResponseUser
The user associated with the token
| Field | Type | Description |
|-------|------|-------------|
| avatar | ?string | The avatar hash of the user |
| avatar_color | ?[Int32Type](#int32type) | The default avatar color of the user |
| bot? | boolean | Whether the user is a bot |
| discriminator | string | The discriminator of the user |
| email? | ?string | The email address of the user |
| flags | [PublicUserFlags](#publicuserflags) | |
| global_name | ?string | The global display name of the user |
| id | [SnowflakeType](#snowflaketype) | The unique identifier of the user |
| system? | boolean | Whether the user is a system user |
| username | string | The username of the user |
| verified? | ?boolean | Whether the user has verified their email |
## TokenRequestOneOf0
| Field | Type | Description |
|-------|------|-------------|
| client_id? | [SnowflakeType](#snowflaketype) | |
| client_secret? | string | The application client secret |
| code | string | The authorization code received from the authorize endpoint |
| grant_type | enum<`authorization_code`> | The grant type for exchanging an authorization code |
| redirect_uri | string | The redirect URI used in the authorization request |
## TokenRequestOneOf1
| Field | Type | Description |
|-------|------|-------------|
| client_id? | [SnowflakeType](#snowflaketype) | |
| client_secret? | string | The application client secret |
| grant_type | enum<`refresh_token`> | The grant type for refreshing an access token |
| refresh_token | string | The refresh token to exchange for a new access token |