Fetching User Token

Using the “state” from step 10, “code verifier” from step 12, and the “authorization code” from step 9, you need to make a network call to Truecaller’s backend so as to fetch the access token :

POST https://oauth-account-noneu.truecaller.com/v1/token

Headers

NameTypeDescription

Content-Type*

application/x-www-form-urlencoded

String

Request Body

NameTypeDescription

grant_type

"authorization_code"

// hardcoded value

String

client_id

<YOUR_CLIENT_ID>

code

<USER_AUTHORISATION_CODE>

Authorisation code from TcOAuthData callback from step 9

code_verifier

<YOUR_CODE_VERIFIER>

From step 12

200: OK Success

{ "access_token": "some-access-token", "expires_in": 3600, "token_type": "Bearer" }

400: Bad Request - If grant type is not supported 403: Forbidden - If client id is invalid 500: Internal Server Error - Unexpected error on the server side 400: Bad Request - Some of the parameters are empty in the request 403: Forbidden Valid grant type but not allowed for the client 403: Forbidden Invalid auth code provided 403: Forbidden Invalid/expired auth code in provided 403: Forbidden Invalid/expired code verifier is provided 429: Too Many Requests If the number of requests exceeds the allowed limit 503: Service Unavailable Resource unavailable due to server-side issue

Sample cURL request :

curl --location --request POST 'https://oauth-account-noneu.truecaller.com/v1/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=authorization_code' \
--data-urlencode 'client_id=<<your-client-id>>' \
--data-urlencode 'code=<<authorization_code>>' \
--data-urlencode 'code_verifier=<<your-code-verifier>>'

Last updated

Copyright © 2009-2024 True Software Scandinavia AB. All rights reserved. Truecaller™ is a registered trademark.