You get this type of URL in response, right?
https://[your registered redirect URI]/#access_token=[an access token]&scope=[authorized scopes]
What do you mean by “…but I’m not getting authorized via OAuth”? Do you mean you’re getting access denied when you make a subsequent request using the access token?