Stack Exchange · Authentication Profile

Stackexchange Authentication

Authentication

Stack Exchange secures its APIs with apiKey and oauth2 across 2 declared security schemes, as derived from its OpenAPI definitions. OAuth 2.0 is offered via the authorizationCode flow(s).

Q And ADeveloper CommunityKnowledge GraphStack OverflowStack ExchangeReputationTagsCommunityMCPAI Grounding
Methods: apiKey, oauth2 Schemes: 2 OAuth flows: authorizationCode API key in: query

Security Schemes

oauth2 oauth2
· flows: authorizationCode
apiKey apiKey
· in: query (key)

Source

Authentication Profile

Raw ↑
generated: '2026-07-11'
method: derived
source: openapi/stackexchange-api-v2-3.yaml
summary:
  types:
  - apiKey
  - oauth2
  api_key_in:
  - query
  oauth2_flows:
  - authorizationCode
schemes:
- name: oauth2
  type: oauth2
  flows:
  - flow: authorizationCode
    authorizationUrl: https://stackoverflow.com/oauth
    tokenUrl: https://stackoverflow.com/oauth/access_token
    scopes: 4
  description: |-
    OAuth 2.0 explicit or implicit flow. Apps register on stackapps.com.
    Read methods do not require auth; write methods require `write_access`.
    `private_info` is needed for /me/notifications, /me/inbox, and similar
    private surfaces. `no_expiry` issues tokens that never expire.
  sources:
  - openapi/stackexchange-api-v2-3.yaml
- name: apiKey
  type: apiKey
  in: query
  parameter: key
  description: |-
    Optional app key. Sending a key raises the daily quota from 300 to 10,000
    requests per IP and is the recommended default for any non-trivial client.
  sources:
  - openapi/stackexchange-api-v2-3.yaml