The Dribbble API uses OAuth 2.0 to securely authenticate applications. This guide walks you through how to register your app, authorize users, and obtain your access token.

Overview

OAuth 2.0 is an industry-standard protocol for secure delegated access.
Instead of sharing passwords, users grant your app permission to act on their behalf using tokens.
Here’s how the Dribbble OAuth flow works:
  1. Register your app to get a Client ID and Client Secret.
  2. Direct users to the authorization URL.
  3. Receive a code when they approve your app.
  4. Exchange that code for an access token.
  5. Use the token to make authenticated requests.

Step 1: Register your application

  1. Create an account on the Dribbble home page or log in.
  2. Visit the Applications page.
  3. Select Applications from the side menu.
  4. Click Register a New Application.
  5. Enter your app details and callback URL.
  6. Click Create Your Application.
  7. Your Client ID and Client Secret show up at the bottom of the page. Copy them and keep them safe.
Your callback URL is the endpoint where Dribbble redirects users after they approve access.
Example: https://myportfolio.com/auth/dribbble/callback

Step 2: Request user authorization

  1. Redirect users to the following URL:
    https://dribbble.com/oauth/authorize?client_id=YOUR_CLIENT_ID
    
  2. Once the user approves, Dribbble redirects them to your callback URL with a code:
    https://your-callback-url?code=9892aebf...
    

Step 3: Exchange the code for an access token

Use your Client ID, Client Secret, and Authorization Code to request a token.
curl -X POST "https://dribbble.com/oauth/token" \
    -d client_id=YOUR_CLIENT_ID \
    -d client_secret=YOUR_CLIENT_SECRET \
    -d code=AUTHORIZATION_CODE \
    -d redirect_uri=YOUR_CALLBACK_URL
You’ll receive a JSON response like:
{
  "access_token": "abc123...",
  "token_type": "bearer"
}
Store your access token securely. Do not expose it publicly (for example, in frontend code or GitHub repos).

Step 4: Use the access token

Include your token in the Authorization header of each request:
Authorization: Bearer YOUR_ACCESS_TOKEN
Example:
curl -H "Authorization: Bearer YOUR_ACCESS_TOKEN" \
https://api.dribbble.com/v2/user
Response:
{
  "id": 123,
  "name": "Jane Doe",
  "username": "janedesigns"
}
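
The server side of Steps 2 to 4, as an added example (not Dribbble's code): it ties the callback to the login attempt that started it before the code is exchanged, and builds the token request and the Authorization header. The `state` parameter is the standard OAuth 2.0 anti-CSRF value and does not appear in the steps above, so its use here is an assumption; the function names are hypothetical and no network request is made.

```python
import hmac
import secrets
from urllib.parse import parse_qs, urlencode, urlsplit

AUTHORIZE_URL = "https://dribbble.com/oauth/authorize"  # Step 2
TOKEN_URL = "https://dribbble.com/oauth/token"          # Step 3


def build_authorize_url(client_id):
    """Return (url, state); keep state in the user's server-side session."""
    state = secrets.token_urlsafe(32)  # unguessable, one per login attempt
    # Assumption: "state" is sent and echoed back as in standard OAuth 2.0.
    query = urlencode({"client_id": client_id, "state": state})
    return AUTHORIZE_URL + "?" + query, state


def code_from_callback(callback_url, expected_state):
    """Return the authorization code, or raise ValueError for a callback we did not start."""
    params = parse_qs(urlsplit(callback_url).query)
    returned = params.get("state", [""])[0]
    # Constant-time compare; an empty expected_state never matches.
    if not expected_state or not hmac.compare_digest(
            returned.encode(), expected_state.encode()):
        raise ValueError("state mismatch")
    codes = params.get("code", [])
    if len(codes) != 1:
        raise ValueError("expected exactly one code parameter")
    return codes[0]


def token_request(client_id, client_secret, code, redirect_uri):
    """Build the Step 3 POST: the secret goes in the body, server-side only."""
    body = urlencode({"client_id": client_id, "client_secret": client_secret,
                      "code": code, "redirect_uri": redirect_uri})
    return TOKEN_URL, body.encode()


def auth_header(token_response):
    """Turn the parsed Step 3 JSON into the Step 4 request header."""
    if token_response.get("token_type", "").lower() != "bearer":
        raise ValueError("unexpected token_type")
    return {"Authorization": "Bearer " + token_response["access_token"]}


if __name__ == "__main__":
    url, state = build_authorize_url("YOUR_CLIENT_ID")
    # Constructed callback, shaped like the redirect in Step 2.
    cb = "https://myportfolio.com/auth/dribbble/callback?code=abc123&state=" + state
    print(url, code_from_callback(cb, state), sep="\n")
```

Read the Client Secret from server-side configuration when calling `token_request`, and discard the stored `state` once a callback has been checked against it.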

Handle Common Errors

| Error | Description | How to fix |
|---|---|---|
| invalid_client | Incorrect Client ID or Secret | Double check the client_id and client_secret to make sure they are correct |
| invalid_grant | Code expired or reused | Request a new authorization code |
| unauthorized | Token missing or invalid | Include the Authorization header |
| 400 Bad Request | Missing required parameter | Verify your query parameters |
| Redirect URI Mismatch | Redirect URI doesn’t match the previous one | Provide a redirect_uri that matches what you registered or leave out this parameter to use the default one registered with your application |

Token Management Tips

  • Tokens typically don’t expire quickly, but can be revoked anytime via your Dribbble account.
  • Always use HTTPS to keep tokens secure in transit.

Next Steps