Getting user tier as soon as OAuth is initialized

Using API V2, I’ve ecnountered this confusing moment:

1. Redirect to get code
2. Send code to backend for access token
3. Backend sends access token but since there is no info on user, it can only provide basic info, like email, id, memberships (What are even those?).
   But to get user’s tier, I need to send his userId (as per API docs

members/${member_id}?include=address,campaign,user,currently_entitled_tiers

)

However, if I do requests one by one, meaning

1. Access token
2. Get user info
3. Use ID from response
4. Send another API call to get pledge/tier
   Then all I get is 401, Unauthorized. Could someone explain the easiest way from getting code to acquiring user’s pledge?

EDIT:
My request looks like this:

https://www.patreon.com/api/oauth2/v2/identity?include=memberships&fields${encodeURIComponent(’[user]’)}=email,first_name,full_name,image_url,last_name,thumb_url,url,vanity,is_email_verified&fields${encodeURIComponent(’[member]’)}=currently_entitled_amount_cents,lifetime_support_cents,last_charge_status,patron_status,last_charge_date,pledge_relationship_start

I managed to scrap some code off of PHP library:
I put &include=currently_entitled_tiers in the end of my request, but nothing is included.

Is there a way to get current tiers using this approach and by NOT having a user’s ID?

This is GraphQL, so it may throw you a bit off at the start. But its pretty neat in the long run. I will give you an example of a call which will allow you to get almost everything you need about a user once you have the access token:

This is used in 5000+ sites to get the user’s info and patronage etc in one call.

For this to work, of course you must have gotten the token for that user beforehand. you can do it by requesting what permissions you need for those:

As you can see, identity and identity email are added to the scopes. This will get you permission for requesting those info.

The login scope above works for those who are fans of your campaign. If you are requesting info about other memberships of the user, you would need to ask membership related stuff as scopes when having the user log in.

So there’s no means by which you’ll get this below two API calls. Or rather one OAuth back and forth to get get the tokens you need to authenticate a user, and then a second call to fetch the user’s identity.

Codebard elaborated a little on this, but to do it in one call, you’re looking to use identity not members, which it appears you figured out by way of your edit.

Past that, since you’re requesting identity, you’re getting a user object back, not a member one, so you need to map your relations from the user. By that, I mean your request should look something like the below. This is in PHP so edit it according to your language of use.

'identity?include=memberships,memberships.currently_entitled_tiers&fields' .urlencode('[user]'). '=can_see_nsfw,email,first_name,full_name,hide_pledges,image_url,is_email_verified,last_name,thumb_url,url,vanity&fields' . urlencode('[member]') . '=campaign_lifetime_support_cents,currently_entitled_amount_cents,is_follower,last_charge_date,last_charge_status,lifetime_support_cents,next_charge_date,patron_status,pledge_cadence,pledge_relationship_start,will_pay_amount_cents&fields' .urlencode('[tier]') . '=amount_cents,discord_role_ids,published,remaining,requires_shipping,title,unpublished_at,url,user_limit';

For each object type returned you need a separate fields request declaration, so &fields' .urlencode('[user]'). '= defines the fields for the user objects returned, while &fields' .urlencode('[tier]'). '= defines the return for all tier objects (in this case, a membership’s currently entitled tiers.

This is about the only way I could think of doing it without having the ID already.

Thanks to Codebase’s reply, I managed to scrap the correct URL
var url = https://www.patreon.com/api/oauth2/v2/identity?include=memberships.currently_entitled_tiers,memberships.campaign&fields${encodeURIComponent(’[user]’)}=email,first_name,full_name,image_url,last_name,thumb_url,url,vanity,is_email_verified&fields${encodeURIComponent(’[member]’)}=currently_entitled_amount_cents,lifetime_support_cents,campaign_lifetime_support_cents,last_charge_status,patron_status,last_charge_date,pledge_relationship_start``

This is javascript and it encodes brackets.

Overall experience is frustrating, there is just too much that isn’t written down.
For those who are struggling, have my piece of code: (Happens on server)

axios.post(`https://www.patreon.com/api/oauth2/token?code=${code}&grant_type=authorization_code&client_id=${CLIENT_ID_V2}&client_secret=${CLIENT_SECRET_V2}&redirect_uri=${auth.redirectUri}`, {
        headers: {
            'Content-Type': 'application/x-www-form-urlencoded'
        }
    }).then(r => {
        console.log('Token:', r.data.access_token)
        token = r.data.access_token
        return token
    }).then(token => {
axios(url, { 
            method: 'GET',
            headers: {
                'Authorization': 'Bearer ' + token,
                'user-agent': 'Chrome: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.90 Safari/537.36'
            },
        }).then(r2 => {
            let data = r2.data
            console.log('RESPONSE DATA:', data)
            res.send(data)
        }).catch(err => {
            console.log('r2 error: ', err)
            res.send(err)
        })
})

Overall experience is frustrating, there is just too much that isn’t written down.

Indeed, GraphQL is relatively new to developer community to start with. And our documentation can definitely be improved a lot, which we are planning to do.

However its great to hear you solved your issue. Good luck with your patrons.

THANK YOU FOR THIS.

I’ve been banging my head for a week now trying to get exactly this data. This did it.