All applications follow the same principle steps when accessing the MindMeister OAuth 2.0 API. These steps are:
Register an OAuth 2.0 client application here to obtain a client ID and a client secret. For details read register your application.
The MindMeister API additionally provides the ability to create personal access tokens without prior application registration. These tokens can only be used to access the API on the user's own behalf.
The access token allows requests to protected user resources. To authorize an API request the access token has to be send in the bearer authorization header.
GET /api/v2/resource/1 HTTP/1.1 Host: www.mindmeister.com Authorization: Bearer ACCESS_TOKEN
It's also possible to provide the access token in the query string, e.g. /api/v2/resource/1?access_token=ACCESS_TOKEN. This is really not recommended. The access token might be exposed to the end user or any other non authorized party. User-agents might cache the query string together with the base URL as well.