Authentication with OAuth 2.0

The Streamlabs Developer API allows the use of both an api key and OAuth 2.0 protocol to authorize requests that are made of behalf of a StreamLabs Customer.

OAuth 2.0 is typically used in situations where a company wants to link a user in their system to a StreamLabs Customer. For example, connecting your Amazon Alexa account to your StreamLabs account by signing in with your StreamLabs credentials. This method does not require an apiKey for each user.

Requesting OAuth Credentials

To receive OAuth2 credentials, send an email to support@streamlabswater.com with a subject of OAuth 2 Client Request and the following information in the body:

Your Name,
Company Info (name, email, phone number).
Your application name and website
A paragraph that briefly describes what your application does and how you'll use the api.
A redirect uri
A signout uri

The redirect uri and signout uri will be used to redirect users back to your webserver or mobile app after they authenticate or disconnect with StreamLabs®.
The service will only redirect users to a registered URI, which helps prevent some attacks. Both the redirect uri and signout uri must be protected with TLS security (ie. a valid SSL Certificate) , so the service will only redirect to URIs beginning with https. This prevents tokens from being intercepted during the authorization process. Native apps may register a redirect uri with a custom URL scheme for the application.

Authorization Flow

Once your request has been approved we will provide you with a client_id and a client_secret

In order to start making requests you will also need the StreamLabs auth domain https://auth.streamlabswater.com and the redirect_uri you provided in your credentials request

authorization flow

Step 1: User Sign In

Your client makes a GET request to the auth login url.

GET https://auth.streamlabswater.com/login

Query Params

response_type string required: The OAuth response type. Has to be code
client_id string required: The client_id issued by StreamLabs
redirect_uri string required: Your redirect uri

The request should present a Streamlabs login form to the user

GET https://auth.streamlabswater.com/login HTTP/1.1
  ?response_type=code
  &client_id={client_id}
  &redirect_uri={redirect_uri}

Step 2: Receive Authorization Code

Once the user is logged in successfully, StreamLabs makes a GET request to the clients redirect_uri with a code query parameter.

GET {redirect_uri}

Query Params

code string required: authorization code

GET {redirect_uri}?code={} HTTP/1.1

Step 3: Request Authorization Token

Make a POST request to the StreamLabs® oauth2 token endpoint, in order to receive a token.

POST https://auth.streamlabswater.com/oauth2/token

Request Headers

Authorization string required: Basic HTTP authorization header. The key is a base64 representation of the client_id and client_secret, concatenated with a colon.
Content-Type string required: application/x-www-form-urlencoded

Request Body

grant_type string required: The authorization grant type. Has to be authorization_code
client_id string required: The client_id issued by StreamLabs
redirect_uri string required: Your redirect uri
code string required: authorization code

POST https://auth.streamlabswater.com/oauth2/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Authorization: Basic Base64Encode(client_id:client_secret)

grant_type=authorization_code&client_id={client_id}&redirect_uri={redirect_uri}&code={code}

Step 4: Receive Access Token

Once the request is successful, Streamlabs® will send a POST request to your redirect_uri with an accessToken in the body.

Your client can now make calls to the StreamLabs® developer API with an Authorization header of type Bearer.

POST {redirect_uri}

Response Body

access_token string: A valid access token
refresh_token string: A valid refresh token that can be used to retrieve new tokens
token_type string: Bearer
expires_in string: The length of time (in seconds) that the client_id and/or access_tokenare valid for

{
  "access_token":"Z2V0IHlvdXIgb3duIGNvZGU= ...",
  "refresh_token":"WjJWMElIbHZkWElnYj9 .....",
  "token_type":"Bearer",
  "expires_in":3600
}

Refreshing expired access tokens

To refresh expired tokens make a POST request to the auth endpoint.

POST https://auth.streamlabswater.com/oauth2/token

Request Headers

Authorization string required: Basic HTTP authorization header. The key is a base64 representation of the client_id and client_secret, concatenated with a colon.
Content-Type string required: application/x-www-form-urlencoded

Request Body

grant_type string required: The authorization grant type. Has to be refresh_token
client_id string required: The client_id issued by StreamLabs
refresh_token string required: The refresh token received together with the access token

POST https://auth.streamlabswater.com/oauth2/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Authorization: Basic Base64Encode(client_id:client_secret)

grant_type=refresh_token&client_id={client_id}&refresh_token={refresh_token}