OAuth provider callback (per-user) — server-side proxy to Junction
Browser-redirect target after the user authorizes at the provider. Per plan §6.0, coach proxies to Junction's `/v2/link/connect/{slug}` server-side and mirrors Junction's response so junction.com never appears in the user's URL bar.
Path Parameters
uuidHeader Parameters
Response Body
application/json
application/json
curl -X GET "https://loading/v1/users/497f6eca-6276-4993-bfeb-53cbbbba6f08/devices/auth/callback"null{
"detail": [
{
"loc": [
"string"
],
"msg": "string",
"type": "string"
}
]
}Get a link token to start an OAuth or Cloud Link connection
First step of an OAuth flow: returns a short-lived token scoped to the member + provider. Pass the token to `GET /v1/devices/{slug}/oauth-url` (for the standard OAuth redirect flow) or to a hosted link UI (for Cloud Link).
OAuth provider callback (tenant-agnostic, query-slug) — proxy to Junction
Same as the per-user callback, but without `{user_id}` in the path. `provider_slug` is read from the query string, which OAuth providers preserve when redirecting if the override URL declared it. Most providers (WHOOP, Fitbit, Oura, ...) only allow exact-match redirect URIs without query params, in which case use the path-suffixed variant `/v1/devices/auth/callback/{provider_slug}` below.