I have used simple REST APIs in the past without authentication, and I am trying to wrap my head around OAuth2. The API I want to use is not Google.
I have seen a few oauth2 nodes for node-red that implement the authorization, getting and refreshing the token. Is there any particular node that you could recommend?
Do I understand it correctly that the OAuth process requests a Bearer token from the server and for the "actual" communication I can use simple HTTP Request nodes with the bearer token added to the header?
Thanks, and Merry Christmas who are reading this today 
I have posted a flow a while back that should be able to help you to get going.
1 Like
Thanks, I will give this a try.
I have it working with Net Atmo based on bakman2's flow.
works perfectly.
I only had time to look into this, but I still feel a bit lost. Looking at the documentation of the API, I see an authorize and token endpoint:
I assume in the Oauth configuration this goes into the the two URLs. But I have no idea how to get the Client ID and secret.
And if I had the IDs, than I need to complete the config, deploy your flow, click on the Authorize button to perform the first manual login, and after the token will be saved in the global variable, and refreshed every 55 minutes by the flow? That's how it is supposed to work?
Ok that sounds like oauth and not oauth2.
Yes, I was thinking the same, but all the links in the document point to oauth2. I think it is probably unfortunate that they used "oauth" in the URI and not "oauth2" and "v1" probably just the version of their interface:
