API and the OzBargain Logos

Deal Submission

If you are a deal aggregator, catalogue provider or even a merchant who wishes to create link for your visitors to submit deals to OzBargain (similar to what Lasoo has done, from this announcement), you can link to OzBargain's deal submission form with some fields pre-filled.

URL: https://www.ozbargain.com.au/deals/submit

Query String Parameters:

Parameter Pre-filled field
edit[title] Title
edit[url] URL/Link
edit[start] Start Date (format: yyyy-mm-dd)
edit[expiry] Expiry Date (format: yyyy-mm-dd)
edit[coupon] Coupon Code


URL to submit the latest eBay Group Buy Deal.


OAuth 2

OzBargain provides authentication / authorization with OAuth 2.0. Currently it's in internal alpha testing. Please use Contact Form to request registration of a new client.




  • client_id=testapp
  • client_secret=testsecret
  • redirect_uri=testapp://example.com/

To request authorization from a logged in user, redirect the user to this URL:



  • state needs to be present and best to be a random string that can be verified later.
  • If redirect_uri is not configured on the OzBargain Authorization Controller, it can be passed in as part of URL using redirect_uri in query string parameter.

After the user accepted the authorization request, OzBargain will then redirect to


Your website / app can then use <authorization_token> to request access token to access OzBargain on behalf of the user. To request access token, HTTP POST to the following URL:




as POST data (Content-Type: application/x-www-form-urlencoded). If successful, OAuth server will return the access token in JSON.

  "access_token": "e8cc0eaee04c0dbe19ced626ffc4aefac2770b67",
  "expires_in": 7200,
  "refresh_token": "87eebc12677da143d2757621b65f4f98aebe0489",
  "scope": null,
  "token_type": "Bearer"

access_token can be used by your website / app to access OzBargain resources as that user. refresh_token can be used to generate a new access token after the initial one has expired. Note that by default, OzBargain has 2 hour expiry for access_token and 2 week expiry for refresh_token.

Login via Access Token

You are able to log into the OzBargain website using access token obtained from OAuth. Use the following URL:



  • access_token – 40 character access token obtained from work-flow above.
  • destination – OzBargain page to be redirected to after logging in. For example node/12345 or <front> for Front Page.

Note that if access_token is invalid, the browser will be redirected to user-login page with error message.

Bearer Authentication

Your website / app can issue authenticated API calls or download RSS pages as a logged in user using Bearer Authentication. Add the following header to your request:

Authorization: Bearer <access_token>

Note that if access_token is invalid, HTTP response “403 Access Denied” will be returned.

Refresh Access Token

As default access_token expires after 2 hours, you will need to have user authorise again, or use the refresh token to obtain a new set of access/refresh token (before the existing refresh token expires). To get a new refresh token, HTTP POST to the following URL:


with POST data:


If <refresh_token> is valid, the following JSON will be returned:

  "access_token": "ccbb1f1b98660c469bdaf7280e09d5134263c35a",
  "expires_in": 7200,
  "refresh_token": "cda24fea9a82ff69844416d2ea4b32bb9efe5bf1",
  "scope": null,
  "token_type": "Bearer"

Note that <refresh_token> is one-use only, and you must grab the updated <access_token> and <refresh_token>.

Get User Info

To retrieve information about OzBargain user associated with an access_token, issue an HTTP GET request on the following URL:


JSON result will be returned, and if successful:

  "success": true,
  "message": "OAuth2 token verified.",
  "user": {
    "uid": 2,
    "name": "testuser",
    "email": "[email protected]",
    "role": "User",
    "penalised": false

Firebase Cloud Messaging

OzBargain is currently testing Firebase Cloud Messaging integration. Here are some support API.

To register/activate/deactivate an instance for message delivery, use the following URL as endpoint. Use Bearer authorization with OAuth2 access token. <uid> is the numeric number of the user to update the setting, and it must be the same as the authenticated user.


Parameters are send in via POST data in URL encoded form.

Parameter Value
code Instance ID
name Name of this instance (optional)
For example “Android Phone”
active 0 or 1 to activate/deactivate already registered instance (optional)


$ curl -F 'code=1234567890' -F 'name=TestClient' \
    -H 'Authorization: Bearer 0987654321'
{"result":true,"message":"Instance has been registered"}

$ curl -F 'code=1234567890' -F 'active=0' \
    -H 'Authorization: Bearer 0987654321'
{"result":true,"message":"Instance has been deactivated"}

OzBargain Logos

(OzBargain.com.au Logo)

png | svg

(Just a simple [Oz])

png | svg

(The flat / non-gradient version of [Oz])

png | svg

(Mask wearing avatar)

jpg | xcf

(Default avatar (no mask))