Connecting Channels

Connect YouTube channels and Facebook pages to your account via OAuth — no platform API keys required on your side.

How the OAuth ticket flow works

The Pharlo uses a ticket-based OAuth flow rather than a standard redirect. This allows you to trigger the flow from your backend and redirect the user without exposing your API key to the browser.

Your backend              Pharlo           Google / Meta
     │                          │                       │
     │── POST /tickets ──►      │                       │
     │◄── {authUrl, ticketId} ─ │                       │
     │                          │                       │
     │(redirect user to authUrl)│                       │
     │                          │──── /authorize ──────►│
     │                          │   (consent screen)    │
     │                          │◄── callback ──────────│
     │                          │  (create Connection)  │
     │                          │                       │
     │── GET /connections ►     │                       │
     │◄── [new connection]      │                       │

Step 1 — Create an OAuth ticket

curl -X POST https://pharlo.io/api/v1/oauth/tickets \
  -H "Authorization: Bearer $DELIVERY_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"platform": "youtube", "redirectUrl": "https://your-app.com/channels/connected"}'

Response:

{
  "ticketId": "550e8400-e29b-41d4-a716-446655440000",
  "authUrl": "https://pharlo.io/api/v1/oauth/youtube/authorize?ticket=550e8400...",
  "expiresAt": "2026-04-23T12:05:00Z"
}

The ticket expires in 5 minutes.

Step 2 — Redirect the user

Send the user to authUrl. They'll see Google's or Meta's consent screen. After they grant permissions, they'll be redirected to your redirectUrl.

Step 3 — Verify the connection was created

curl https://pharlo.io/api/v1/connections \
  -H "Authorization: Bearer $DELIVERY_API_KEY"

The new connection appears with isActive: true. Copy its id — this is the connectionId you pass when creating assignments.

Connecting Facebook pages

The flow is identical — change "platform": "facebook". After the OAuth flow, each Facebook page the user granted access to becomes a separate connection.

Refreshing an expired token

OAuth tokens expire. When a connection's token expires, assignments to it will fail. To re-authorize:

curl -X POST https://pharlo.io/api/v1/connections/7f3e1a2b-4c5d-6e7f-8a9b-0c1d2e3f4a5b/refresh-token \
  -H "Authorization: Bearer $DELIVERY_API_KEY"

If the refresh token is also expired, you need to run the full OAuth flow again — create a new ticket with the same platform and redirect the user.

Activating and deactivating connections

Deactivated connections cannot receive new assignments:

curl -X PATCH https://pharlo.io/api/v1/connections/7f3e1a2b-4c5d-6e7f-8a9b-0c1d2e3f4a5b \
  -H "Authorization: Bearer $DELIVERY_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"isActive": false}'

Troubleshooting

User sees an error after OAuth consent

• The ticket may have expired (5-minute window). Create a new ticket and retry.
• The redirect URI must match exactly what was provided in the ticket.

Connection shows as inactive after creation

• The OAuth scope may have been insufficient. Re-run the OAuth flow.

Token refresh fails

• Refresh tokens expire after 30–90 days depending on the platform, or after the user revokes access. Create a new ticket to re-authorize.

YouTube quota exceeded

• The Google OAuth app may have hit its daily quota. Contact your platform admin to check YouTube quota usage at GET /api/v1/admin/youtube-quota.