My Setup
I’m working on a WPF app using .NET Core 6.0 in Visual Studio 2022 Community edition. I need to integrate with Miro’s REST API to create boards programmatically.
What I’ve Done
I got my API credentials (app ID and secret) from Miro’s developer portal. I’m using RestSharp library for HTTP requests. My authentication seems to work fine, but when I try to create a board, I keep getting a 401 Unauthorized response.
My Code
public string MiroProfilePage = "https://miro.com/app/settings/user-profile/apps";
public string AppId = "myappid";
public string AppSecret = "myappsecret";
internal async void GenerateMiroBoard()
{
try
{
var authClient = new RestClient("https://miro.com/app-install/?response_type=code&client_id=" + AppId);
var authRequest = new RestRequest();
authRequest.Method = Method.Post;
authRequest.AddHeader("Authorization", "Bearer " + AppSecret);
var authResponse = authClient.ExecuteAsync(authRequest);
var authResult = authResponse.Result;
var createClient = new RestClient("https://api.miro.com/v1/boards");
var createRequest = new RestRequest();
createRequest.Method = Method.Post;
createRequest.AddHeader("Accept", "application/json");
createRequest.AddHeader("Content-Type", "application/json");
createRequest.AddParameter("application/json", "{\"name\":\"New Board\",\"sharingPolicy\":{\"access\":\"private\",\"teamAccess\":\"private\"}}", ParameterType.RequestBody);
var createResponse = createClient.ExecuteAsync(createRequest);
var createResult = createResponse.Result;
}
catch(Exception ex)
{
var errorMsg = ex.Message;
}
}
The Problem
The board creation request returns unauthorized even though my auth step seems successful. What am I missing in my API call setup?
you’re not using the auth token from the first request when creating the board. extract the access token from the oauth flow and pass it in the authorization header for the create board request - don’t just use the app secret.
Your auth approach is broken. That app-install URL isn’t an API endpoint - it’s for browser authorization. You’re POSTing to a webpage instead of getting a real access token. I hit the same wall when I started with Miro’s API. Here’s what you need to do: send users to the auth URL, grab the callback with the authorization code, then swap that code for an access token at the token endpoint. If you’re just testing or building for yourself, ditch OAuth and generate a personal access token from your Miro developer settings. Stick that token in your Authorization header for the board creation request. Your current code won’t work because you’re not following proper auth flow.
Had this exact same issue last year building a dashboard integration. You’re missing the access token in your board creation request. That first request isn’t returning any token data - it’s just hitting an auth URL meant for browser redirects. I skipped the OAuth mess entirely and used a personal access token for dev work. Go to your Miro developer settings, generate a personal token, then add it like this: createRequest.AddHeader(“Authorization”, “Bearer YOUR_PERSONAL_TOKEN_HERE”); Also heads up - you’re using the deprecated v1 API endpoint. Switch to https://api.miro.com/v2/boards instead. The v2 API has a slightly different request structure but it’s way more stable. Get the basic token auth working first, then you can always add proper OAuth later if you need it for production users.
you’re not getting an access token from that auth request. that app-install url just redirects users to authorize your app - it doesn’t return tokens. either implement the full oauth2 flow or grab a personal access token from the miro dev portal. personal tokens are way easier for testing.
You’re mixing up OAuth flow with direct API calls. That URL from your first request isn’t for getting access tokens - it’s where users go in their browser to authorize your app. For programmatic access, you’ve got two options: implement the full OAuth2 flow (redirect user to authorize, grab the code, exchange for token) or just use a personal access token from your Miro account settings. If you’re only creating boards for your own account, grab a personal access token from the developer portal and stick it in your Authorization header as “Bearer YOUR_TOKEN” when calling the boards API. Way simpler than OAuth if you don’t need user authorization.