Exchanges a temporary OAuth verifier code for an access token.

Optional Params

• client_id - Issued when you created your application. If possible, avoid sending client_id and client_secret as parameters in your request and instead supply the Client ID and Client Secret using the HTTP Basic authentication scheme. If at all possible, avoid sending client_id and client_secret as parameters in your request. ex: 2141029472.691202649728
• client_secret - Issued when you created your application. If possible, avoid sending client_id and client_secret as parameters in your request and instead supply the Client ID and Client Secret using the HTTP Basic authentication scheme. If at all possible, avoid sending client_id and client_secret as parameters in your request. ex: e1b9e11dfcd19c1982d5de12921e17e8c
• code - The code param returned via the OAuth callback. ex: 4724469134.4644010092847.232b4e6d82c333b475fc30f5f5a341d294feb1a94392c2fd791f7ab7731a443d1a
• redirect_uri - This must match the originally submitted URI (if one was sent). ex: http://example.com
• single_channel - Request the user to add your app only to a single channel. Only valid with a legacy workspace app. ex: true

Errors the API can return:

• bad_client_secret - Value passed for client_secret was invalid.
• bad_redirect_uri - Value passed for redirect_uri did not match the redirect_uri in the original request.
• code_already_used - Value passed for code was already exchanged.
• invalid_client_id - Value passed for client_id was invalid.
• invalid_code - Value passed for code was invalid.
• invalid_token - Invalid refresh token.
• missing_resource - Missing permission resource.
• oauth_authorization_url_mismatch - The OAuth flow was initiated on an incorrect version of the authorization url. The flow must be initiated via /oauth/authorize.
• user_email_unverified - The users email is unverified

See the Common Errors guide for errors returned by every Web API method.