Product overview and scope

  • Login Kit (Web OAuth): authenticate users to obtain an access_token and open_id to authorize user‑initiated actions.
  • Content Posting API (v2): post videos via the initialize → upload → status/publish flow.
  • Display API / Share Kit: not used in this integration.

Per guidelines, we only request the minimal set of products/scopes needed.

Requested scopes and rationale

  • user.info.basic — read the open_id to link the user account.
  • video.upload — upload the user’s video binary to TikTok.
  • video.publish — finalize visibility/publish after upload.

We do not request any unnecessary scopes.

Platform configuration

Website URL: https://postle.fr

Redirect URI (Web): https://postle.fr/api/auth/oauth/tiktok/callback

Legal pages: /privacy/terms

The domain shown in your demo video must match the Website URL provided.

End‑to‑end demo (sandbox recommended)

  1. Click “Sign in with TikTok” to open the OAuth popup.
  2. Grant the scopes listed above.
  3. After login, post a private test video (SELF_ONLY visibility).
  4. Show the result payload (publish_id/post_id).

If the app has not been audited, posting is restricted to private accounts with SELF_ONLY visibility.

Security & Privacy

  • Tokens are encrypted server‑side and bound to the authenticated user.
  • No sensitive data is exposed on the client beyond the OAuth necessity.
  • Data deletion on request: see /data-deletion.

Official references