Discord OAuth2 Exchange
Authenticate users via Discord's OAuth2 to retrieve access tokens and user profile data.
The Discord OAuth2 Exchange block allows you to exchange an authorization code for a Discord access token and basic user information. This is used for implementing "Log in with Discord" or interacting with the Discord API on behalf of a user.
After a user authorizes your application on Discord, they are sent back to your Redirect URI with a code. This block exchanges that code for a token, which allows you to identify the user and perform actions in their name.
Configuration
| Field | Required | Description |
|---|---|---|
| Client ID | ✅ | Your Discord application's Client ID from the Discord Developer Portal. |
| Client Secret | ✅ | Your Discord application's Client Secret. Must be stored as a Secret. |
| Redirect URI | ✅ | The URI where Discord redirects the user after authorization. |
| Authorization Code | ✅ | The code received from Discord (e.g., {request.query.code}). |
| Access Token Variable | ✅ | The variable name where the resulting data will be stored. |
Always store your Client Secret in the project's Secrets configuration. Never hardcode it as a plain string in the block.
Output
Once executed, the block stores a JSON object in your specified variable:
{
"tokens": {
"access_token": "6qrZcUqja7812RVdnEKjpzOL4CvHBFG",
"token_type": "Bearer",
"expires_in": 604800,
"refresh_token": "D43f5y0ahjqew82jZ4NViEr2YafMKhue",
"scope": "identify"
},
"user": {
"id": "80351110224678912",
"username": "nelliel",
"discriminator": "0001",
"avatar": "8342729096ea3675442027381ff50fd2",
"email": "[email protected]"
}
}You can access specific fields using dot notation:
{discord_auth.user.username}{discord_auth.tokens.access_token}
Error Handling
MISSING_CLIENT_ID— The Client ID field is empty.MISSING_CLIENT_SECRET— The Client Secret selection is empty.MISSING_REDIRECT_URI— The Redirect URI is missing.MISSING_CODE— No authorization code was provided.SECRET_RETRIEVE_ERROR— Failed to retrieve the secret from storage.INVALID_CODE— The authorization code is invalid or has already been used.INVALID_CLIENT— Client authentication failed (check your Client Secret).INVALID_REDIRECT_URI— The Redirect URI does not match the one registered in Discord.INVALID_REQUEST— The request is missing a required parameter.USER_FETCH_ERROR— Failed to retrieve the user profile after token exchange.RUNTIME_ERROR— An unexpected error occurred.
Example
- User Login: Redirect your user to Discord's Auth URL.
- Callback: Discord redirects to your endpoint:
https://your-api.com/callback?code=abc123xyz. - Exchange: Use this block to process the code:
- Authorization Code:
{request.query.code} - Access Token Variable:
discord_session
- Authorization Code:
- Result: You now have the user's ID
{discord_session.user.id}to identify them in your database.
