OAuth 2.0 Authorization Flow

Last Updated on : 2024-06-12 02:54:58download

This topic describes how to configure OAuth 2.0 authorization for a cloud project. This enables end users to open a link with the client_id and callback URL, log in to the specified app, and authorize your cloud project to access their data.

After authorization, the cloud project will exchange the OAuth 2.0 authorization code for an access token for user data.

Configure OAuth 2.0 authorization

  1. Log in to the Tuya Developer Platform.

  2. In the left navigation bar, choose Cloud.

  3. On the My Cloud Projects page, click Open Project in the Operation column for your target project.

  4. Click the Devices tab.

  5. Click the Link App Account tab.

    OAuth 2.0 Authorization Flow
  6. Click Configure OAuth 2.0 Authorization. Enable the login authorization feature for the desired app and configure the data center and callback URL.

    OAuth 2.0 Authorization Flow
    • The authorization key must be the one specific to app authorization. See App Authorization for details.
    • The callback URL should vary for different data centers. Provide one along with the corresponding processing logic. Once the user gives consent, the OAuth 2.0 authorization code will be sent through this URL and can only be used in the user’s data center.

OAuth 2.0 authorization flow

Users are redirected to the authorization page when opening the configured H5 page.


UserThird Party App/BrowserThird Party CloudTuya CloudUser grantspermission to thethird party cloud.1. User logs in or scans a QRcode for login authorization.1.1 User logs in.1.2 User logs in successfully.1.3 Ask the user to confirmauthorization.1.4 User confirmsauthorization.1.5 User confirms authorization.1.6 Generate OAuth 2.0authorization code andredirect to the callbackURL.UserThird Party App/BrowserThird Party CloudTuya CloudOAuth 2.0 Authorization Code Grant

Authorization flow

  1. The user opens the H5 page for OAuth 2.0 authorization.

    OAuth 2.0 Authorization Flow
  2. They log in to the specified app by scanning a QR code or entering a password.

    OAuth 2.0 Authorization Flow
  3. The user taps Confirm Authorization.

    OAuth 2.0 Authorization Flow
  4. Upon successful authorization, the Tuya cloud sends the OAuth 2.0 authorization code to the third-party cloud through the callback URL.

    OAuth 2.0 Authorization Flow

Exchange OAuth 2.0 authorization code for access token

Third Party CloudTuya CloudExchange OAuth2.0 authorizationcode for anaccess token.1. Get access_token with theclient_id and client_secret code.1.1 Return access_token.Service call.2. Make a service call.2.1 Return the operation result.Third Party CloudTuya CloudExchange Authorization Code for Access Token

For more information, see Authentication Method.