Frequently Asked Questions

This FAQ answers common questions developers have when working with Quran.Foundation APIs.

How do I obtain OAuth2 credentials?

Submit an application to receive your client_id and client_secret. These credentials let you request authorization tokens for accessing user data.

Content APIs provide read-only access to Quran data such as chapters, verses, recitations and translations. User-related APIs manage data tied to a specific Quran.Foundation account like bookmarks and notes.

How do I use `x-auth-token` and `x-client-id` headers?

Include your OAuth2 access token in the x-auth-token header and your client ID in the x-client-id header when calling authenticated endpoints.

What are the best practices for refresh tokens?

Store refresh tokens securely and reuse them until they expire. Refresh tokens allow you to obtain new access tokens without asking the user to re-authorize.

Can I use the demo credentials `quran-demo`/`secret` in production?

No. These demo credentials are for testing only and should not be used in production applications.

Frequently Asked Questions

How do I obtain OAuth2 credentials?​

What is the difference between Content APIs and User-related APIs?​

How do I use x-auth-token and x-client-id headers?​

What are the best practices for refresh tokens?​

Can I use the demo credentials quran-demo/secret in production?​

How do I obtain OAuth2 credentials?

What is the difference between Content APIs and User-related APIs?

How do I use `x-auth-token` and `x-client-id` headers?

What are the best practices for refresh tokens?

Can I use the demo credentials `quran-demo`/`secret` in production?