Instant OAuth access to services without registering apps. Spotless handles authorization via pre registered apps and hands back a token for use directly with the service API.
Use for browserless clients i.e. SSH sessions, CI and agents, even if the service does not support browserless login.
Start the device flow for a service, i.e. dnsimple.
curl -s -X POST https://spotless.run/device/dnsimple \
--data-urlencode 'client_id=http://localhost'
Open the verification URL in any browser and enter the user_code.
Poll the token endpoint with the device_code
curl -s -X POST https://spotless.run/token \
--data-urlencode 'grant_type=urn:ietf:params:oauth:grant-type:device_code' \
--data-urlencode 'device_code=THE_DEVICE_CODE'
You don't need to use bash. Full specification in RFC 8628
Use for web apps running on localhost.
GET /authorize/{service}: start the authorization code flow.
Your client_id must be a localhost origin, http://localhost:1234.
The redirect_uri origin must be the same as your client_id.
Handle the redirect to your app on localhost.
POST /token: exchange the spotless code for the service access token.
Full specification in OAuth v2.1
It's probably better than pasting API tokens into company chat.
Agents are only valuable when they can safely use real tools. The slow part is not writing the script; it is OAuth app setup, browserless login etc. Spotless pays that integration cost once spotless is free to use for local development for services that allow free integrations.