Welcome to Mindtalk Dev Resources


Beside OAuth, Mindtalk also support XAuth for authentication and authorization process. Remember that XAuth only available for verified application. Read more about how to verify your application.

The purpose of XAuth is making the authentication and authorization process as easy as possible. Unlike OAuth, you do not need to redirect into Mindtalk login page for authorization. This make authorization process easier.

To know more about XAuth, please check this presentation: What is XAuth.

XAuth v1 (Deprecated)

Before XAuth v1 deprecated, Mindtalk using XAuth v1 for authentication and authorization.

Endpoint url :


Method used is POST. To obtain access_token, add the parameters below :

x_auth_client_id client id.
x_auth_client_secret client secret.
x_auth_username nama user.
x_auth_userpassword user password

The return value is encoded URL:


Because XAuth v1 is already deprecated, now Mindtalk using XAuth v2 for authentication and authorization process.

XAuth v2

Endpoint url:


Method to use is POST

These parameters are required:

  • client_id - your client id/App id.
  • client_secret - your client secret id.
  • user_name - user name who want to login.
  • user_password - user password.

Return value if success:

    "access_token": "[ACCESS_TOKEN]",
    "expires_in": 5184000