A little help for a Noob (OAuth with JS)?

Hello guys

I’m trying to retrieve an Access Token and use it to make requests to the WoW GameDataAPI

In order to do that I had installed the passport-bnet npm package mentioned on the battle.net documentation

So I managed to use that with Express.js on local.

When I hit the route /auth/bnet it redirects me to
/auth/bnet/callback?code=“An access token in uppercase”
And after that I can’t access to my local host, my web browser says “ERR_CONNECTION_CLOSED”

The thing is that this token cannot be used, if I use it on http address like

eu .api.blizzard.com/data/wow/connected-realm/index?namespace=dynamic-eu&locale=fr_FR&access_token=The code given just before

I get an 401 error, so bad token I guess.

There is something that I don’t understand, I am a beginner and the documentation with the use of passportjs for the blizzardAPI is really thin.

Why does my Access Token doesn’t work ? And why does it doesn’t redirect me but instead my web browser shows an error ?

I would really appreciate some help, thanks.

Here are the snippet that I use


    new BnetStrategy(

      { clientID: BNET_ID,

        clientSecret: BNET_SECRET,

        scope: 'wow.profile sc2.profile',

        callbackURL: "https://localhost:3000/auth/bnet/callback",

        region: "eu" },

      function(accessToken, refreshToken, profile, done) {

        process.nextTick(function () {

          return done(null, profile);


// configure Express




    passport.authenticate('bnet', { failureRedirect: '/' }),

    function(req, res){


app.get("/", (req, res) => {



Nope, this is not an access_token, this is an authorization_code. You need to pass this code along with your application_id and application_secret from your back-end to the OAuth2 server and only then you’ll get back an access_token.

The last part should be handled by the passport library. This should be handled by this portion of your code:

Do you actually have SSL certificates configured for your application ? If not the connection error you are getting might be because you are using https for your callbackURL.

1 Like

Thanks for your answer !

What an idiot, I thought that it was an access token, and I didn’t had an SSL certificate for my app.

I tried in http instead, and a kind stranger did a vanilla js example, perfect for beginners like me

I show the link if someone struggles to understand and do dozens of searchs like me
http s://github.com/viglucci/vanilla-node-blizzard-oauth-example/blob/master/server.js#L29

It works now, I have my access token, and more importantly I understand why did I get it !

Thanks again, it means a lot to get help for beginners like me !

1 Like

This post/guide might be helpful, there are some other examples and libraries listed there: Getting started with the WoW API