Bing_OATH

Authorization Code Grant Flow
=============================

Step 1 : Created a Live SDK application at  https://apps.dev.microsoft.com/, and login with your Microsoft Account credentials when prompted.

Got client_id e.g XXXXXXXXXXXXXXXXX

Step 2 : Request for CODE with response_type=code at  https://login.live.com/oauth20_authorize.srf?client_id=XXXXXXXXXXXXXXXXX&scope=bingads.manage&response_type=code&redirect_uri=https://login.live.com/oauth20_desktop.srf&state=ClientStateGoesHere


Step 3 : Authenticate and get CODE like https://login.live.com/oauth20_desktop.srf?code=YYYY-YYYYY-YYYYY-YYY-YYYY-YYY&state=ClientStateGoesHere&lc=1033

Step 4 : Request for Access Token and Refresh Token by passing client_id and code with grant_type=authorization_code at
https://login.live.com/oauth20_token.srf?client_id=XXXXXXXXXXXXXXXXX&code=YYYY-YYYYY-YYYYY-YYY-YYYY-YYY&grant_type=authorization_code&redirect_uri=https%3A%2F%2Flogin.live.com%2Foauth20_desktop.srf 

As we know from doc that, the refresh token parameter does not have a defined expiration period, you should expect it to last several months

Step 5 : If the refresh token expired, then we need to use the refresh token to get a new access token and new refresh token. You should request a new token before the current access token expires, or catch the AuthenticationTokenExpired error code (109) and then request a refresh token.

REQUEST FORMAT:
==============
POST https://login.live.com/oauth20_token.srf HTTP/1.1
Accept: application/json
Content-Type: application/x-www-form-urlencoded
Host: login.live.com
Content-Length: 167

https://login.live.com/oauth20_token.srf?client_id=XXXXXXXXXXXXXXXXX&grant_type=refresh_token&redirect_uri=https%3A%2F%2Flogin.live.com%2Foauth20_desktop.srf&refresh_token=my_old_refresh_token