Just tried playing around with the developer api, by attempting to do a manual run-through the given steps at https://monzo.com/docs .
At the “Exchange the authorization code” I receive the following response:
{
“error”: “invalid_request”,
“error_description”: "Missing required parameter code",
“message”: "Missing required parameter code"
}
Needless to say the ‘code’ parameter is not, in fact, missing…
Any clue as to what I may be overlooking?
Look at the section Exchange the authorization code on the docs. The message only says missing a required parameter not which one is missing. So I can only quote this snippet in hope that it helps you out:
http --form POST "https://api.monzo.com/oauth2/token" \
"grant_type=authorization_code" \
"client_id=$client_id" \
"client_secret=$client_secret" \
"redirect_uri=$redirect_uri" \
"code=$authorization_code"
So you require grant type, client_id, client_secret, redirect_uri, and code. I believe that the redirect_uri must match throughout the process as well as a heads up.
EDIT: Will leave the above, just just make sure that the code matches the one returned by the previous API call.
It sounds like you have missed the post request to exchange the authorisation code for an access token.
When you provided a redirect_uri this is used as the link that goes from the magic link email back to the app. On that route you can make a server side post request, taking the code given during the redirect from the users email to the redirect_uri from req.query.code (which access the code provided in the URLs query string). You then need to store the access token somewhere to use in future api requests.
Does that make sense at all?
Could you share any more of your code?