This proxy should work with any OAuth2 enabled API that accepts Bearer tokens and supports the authorization_code login flow.
The easiest way to get started with this proxy is to deploy it to a free heroku
instance using the button below. This button will setup most of the required
variables with defaults to use the
US Battle.net API. It's easy to change from these
defaults if you need to. If you do want to use this proxy for the Battle.net
APIs than you only need to add in your
This proxy will help log in users using a standard OAuth2 Authorization Code flow and then redirect them back to your app with an encrypted access token in the URL fragment.
Now your app can pass that fragment as the
Authorization header in other
requests to this proxy. These requests will be sent to the proxied API with a
Authorization: Bearer token header. This allows you to use the
authorization code flow for front end only apps while keeping your
If you want to run this proxy on Heroku for the US Battle.net API than these are the steps you need to follow:
Register Callback URLfield blank for now.
CLIENT_SECRETwith the data from your https://dev.battle.net account (Key and Secret). Put your front end app's url as the
REDIRECT_URL. Whatever url you put here will have
#token=<token>&iv=<iv>appended to it after login.
Register Callback URLwith
/auth/oauth2/callbackas the path. For example, if your heroku app is named
sample-appthen the callback url shoudl be
<your herouku app>/auth/oauth2.
<your heroku app>/rest/of/the/api/calland include an
Authorizationheader in the form of
Authorization: token=<token> iv=<iv>
These are the configuration variables that this proxy needs to run. If you want to use the US Battle.net API and use the Heroku deploy button above, you only need to setup the BOLDED ones.Variable Description Battle.net API Default API The base url of the API to proxy to
https://us.api.battle.netCLIENT_ID Your OAuth2 Client ID for the proxied API This is listed as your
Keyin your https://dev.battle.net account CLIENT_SECRET Your OAuth2 Client Secret for the proxied API This is listed as your
Secretin your https://dev.battle.net account REDIRECT_URL This is the URL that this proxy will redirect to after login. It should not include the
#symbol. This is where your app is hosted, .i.e
http://myawesomeapp.comAUTHORIZE_URL This is the OAuth2 authorize url for the proxied API
https://us.battle.net/oauth/authorizeTOKEN_URL This is the OAuth2 token url for the proxied API
https://us.battle.net/oauth/tokenSCOPE These are the scopes to request for your OAuth2 access token
wow.profile sc2.profileSECRET This is the secret key used to encrypt your access token This is automatically generated for you by Heroku COOKIE_SECRET This is the secret key used to encrypt your session cookie during login This is automatically generated for you by Heroku