You have to manually follow the link to get a token. You can’t use fetch to get a user token the first time. That is the whole point of oauth is it makes the user manually authorize your apps usage. Once you get the token if you use the authorization flow you can refresh it programmatically.