The question is off topic but here it goes: At TD they do not send your order to an exchange, which means you do not get any liquidity unless it is "lit". There is usually liquidity between the bid/ask. It'll either be shares less than 100 share lots or orders marked as hidden. Your order goes to an "execution house" like Citadel. They grab the dark liquidity and execute your order only where the lit liquidity is. They keep the difference. This difference is considerable (and measurable statistically just in case you have any doubts).
One of the advantages of using this instead of a direct brokerage API is that you can switch brokers in one line of code.
this is where the response is sent. You cannot ignore it, since the response has the needed code for the login. However, depending on how you handle the login, you may not need to setup a server to listen for the response. If for example you open the OAuth URL in an embedded browser in your app, you can just check when it is navigating to the localhost URL and then parse the URL
I don't use TD, but I can see an accountId as an input parameter in the Trading and Accounts section of the API. It looks like you will have to use your API credentials to authenticate and then pass the accountId on every request to make sure that the right account is selected. You could potentially have more than one trading account and the API doesn't know which one you would like to act on.
I finally managed to get it halfways working. Now I get an "access_token" that seems to be valid for 30 minutes (1800 seconds): Code: { "access_token": "...", "scope": "PlaceTrades AccountAccess MoveMoney", "expires_in": 1800, "token_type": "Bearer" } There's another type of token called "refresh_token", but this one I could not get yet. Somehow it behaves differently than the documentation, b/c normally it should send both tokens in the same one response, but when I specify "offline" in one of the fields then nothing works (error response comes). Normally with "offline" it should give both the said token types... God shave the Queen - Why oh why make things so complicated dear TD A?
You should have read some documentation about Rest services before getting into it. It is not complicated, it is actually very simple.
Folks, judge yourself: "only" 19 lenghty steps needed for success with the TD API: https://techiejackieblogs.com/how-to-access-td-ameritrade-api/
Ok, let's continue: Does it really mean I need to get a new token every 30 minutes? What happens if I don't get a new one in the 30 minutes? Do I then need to start over again? Btw, such an API is of course intended for automating things. but here one has to manually login to get a token... I don't get the logic here...