Skip to content

📚 API Overview

Earth Miles provides two main API categories: OAuth endpoints for authentication and Partner API for awarding miles and processing transactions.

Base URL

All API requests should be made to:

https://backend.earthmiles.app

Security Notice

All API endpoints must be called from your server, not from client applications (web browsers, mobile apps, etc.).

Your client_secret and access tokens should never be exposed to client-side code. Always implement a backend service to:

  • Handle OAuth token exchange
  • Store and refresh access tokens securely
  • Make API requests to Earth Miles endpoints
  • Proxy responses to your client application

API Endpoints

Our API follows RESTful design principles, with standard HTTP response codes and OAuth-based authentication.

OAuth Endpoints

  • POST /api/oauth/token - Exchange authorization code for access tokens or refresh the token.

Partner API

  • GET /api/partner-api/me - Retrieve user information.
  • POST /api/partner-api/award-points - Award points to a user.
  • POST /api/partner-api/process-transaction - Process transactions and award points.

Authentication

All API requests that handle user data require authentication using Bearer tokens:

Authorization: Bearer {access_token}

Required Scopes

  • miles:read - Read user miles data
  • miles:write - Award points and process transactions