That just how oAuth works.
Sure you can go “here is a link visit the link”
Then manually copy/paste the ?code that is returned into your Command Link App
And do the exchange that way (saves raising a server)
But step one is always gonna be “go to this URL in your browser” for oAuth.
A ClientID doesn’t magically grant all priviledges between the ClientID and the Owner of the ClientID’s account.
You can’t, you will need to do it manually (at least) once
The following you can automate:
Then you can use the Token till it dies
Then use the refresh token to get a new tokem
But IF the refresh fails or is invalid, then you have to manually make a new token.
So yes, you need to click the button to allow access manually. Then whenever the refresh token is dead and you need to feed it new tokens. Theres also a few other things that will kill a refresh token.