I am trying write a backup process that will run which obviously won't have any user interaction. It seems like the API only supports redirecting to a login page to authorize? Is this true or is there some other way to login?
That's correct, the user needs to authorize the app to access their account in their web browser. This only needs to be done once per account though. For long-term unattended access, the app should request "offline" access, in which case the app receives a "refresh token" that can be used to retrieve new short-lived access tokens as needed, without further manual user intervention. You can find more information in theĀ OAuth Guide and authorization documentation. There's a basic outline of processing this flow in this blog post which may serve as a useful example.
So theoretically I could just login myself, capture the auth code, use postman or something to obtain the refresh token and then hard code that into my app and it should work?
Yes, but note that that would only be for your own account. If this is only for your own use, that's fine, but you shouldn't distribute your refresh token to any other users.
