Reddit
OAuth 2.0 with duration=permanent for non-expiring refresh tokens. Token exchange uses Basic auth (clientId:clientSecret) with a mandatory User-Agent header.
Authentication at a glance
| Field | Value |
|---|---|
| Auth model | OAuth 2.0 |
| Required ENV | REDDIT_CLIENT_ID, REDDIT_CLIENT_SECRET, REDDIT_USER_AGENT |
| Callback URL | ${BASE_URL}/api/v1/auth/reddit/callback |
| Scopes / permissions | identity, submit, mysubreddits, read, flair |
| Auto token refresh | Yes — every 7 days before expiry |
ENV details
REDDIT_USER_AGENT defaults to Sosyabot/1.0. Reddit's API policy demands a meaningful UA — use the form web:com.example.sosyabot:v3.38.0 (by /u/yourhandle) for production.
How to connect
- Open Connections → Reddit → Connect.
- Sign in to Reddit and grant the scopes.
- Pick the default subreddit on the post-connect screen.
Token refresh
Auto-refreshed. Default access-token TTL is 1 hour. The tokenRefresh.queue.ts worker uses the permanent refresh token to mint new access tokens. The User-Agent header is required on every refresh call.
Notes
- The User-Agent header is required on every API call, not just connect. Reddit returns
429for missing or generic User-Agents. - Sosyabot caches your subreddit list in
dataand auto-selects the first subreddit as default at connect time. - The
flairscope is requested so the composer can list subreddit flairs and let you pick one before posting.
Troubleshooting
If the channel shows needs_reconnect, the access token was rejected by Reddit. Common causes:
- The user revoked Sosyabot's authorization on the platform.
- The platform invalidated the token (password change, security event).
- Your OAuth app credentials rotated and the existing tokens no longer match.
Re-run the connect flow above. See Troubleshooting for the workspace-wide checklist.