The first step is to request the authorization from the user. This call will return a redirect to the login page.

Authorize Request:

curl -i -X GET -d "client_id=pekfaf6jxk6suyXXXXXXXXXX" --data-urlencode "redirect_uri=" -d "response_type=token" ""

HTTP/1.1 302 Found
Content-Type: text/plain; charset=UTF-8
Date: Mon, 28 Apr 2014 14:03:51 GMT
Server: Apache-Coyote/1.1
Set-Cookie: JSESSIONID=2D3C7E5AA412DF98124B8AC7121FEF7D; Path=/; Secure; HttpOnly
Content-Length: 0
Connection: keep-alive

If you did this through a browser, the login screen would appear to the user:


After logging in, the user will be redirected to the redirect_url specified in the authorization request with the access token appended to it. For the request above, the redirect uri would look like::

From this response, the endpoint at would parse the access token and begin making API calls.