there are 3 versions of the API, you do not indicate which version you are targeting, V1, V2 or Yelp Fusion (V3?), but seeing that V2 is in the process of retiring (for example, they will not allow new programmers to subscribe to the access token for V2 ), I think you mean Fusion.
according to the docs, it all starts with a https://api.yelp.com/oauth2/token request, using your client_id and client_secret (which you get when registering a new application) and hardcoded grant_type = client_credentials - and your code really does that, but it incorrectly encodes the client_id and client_secret URLs, which may be why you get a blank page (and this in itself means that you are not debugging using CURLOPT_VERBOSE - always use CURLOPT_VERBOSE when debugging curl requests - we don’t know if it is connected and Did the HTTP code get OK No Content, or 500 Internal Server Error, or if your Its connection has been blocked directly, but CURLOPT_VERBOSE will inform you.) When you get access_token with url oauth2 / token, it comes in JSON encoding, uses json_decode to decode it.
when you receive this token, for further API calls, configure the Authorization: Bearer TOKEN http header for authentication.
here is my code playing with the API, logging in (getting authorization_token), and then getting business information at dentistry-for-kids-and-adults-canyon-country . unfortunately, the business search API seems to be broken as it only returns 500 internal server errors for everything I try. I also use hhb_curl from https://github.com/divinity76/hhb_.inc.php/blob/master/hhb_.inc.php as a convenient wrapper around curl (takes care of CURLOPT_VERBOSE and gives it a file for debugging info in, setting CURLOPT_ENCODING for faster transfer, checking the return value of each curl_setopt, throwing an exception if any of the curl parameters cannot be set and tell me which parameter was not set, etc.), - and if you want to test this code, be sure to replace client_id and client_secret, since the ones I posted here are fake (but have same length and overall structure generated by this code https://gist.github.com/divinity76/c43e8ceb803969def0c0369b8ec6de4b )
<?php declare(strict_types = 1); // hhb_.inc.php from https://github.com/divinity76/hhb_.inc.php/blob/master/hhb_.inc.php require_once ('hhb_.inc.php'); $hc = new hhb_curl ( 'https://api.yelp.com/oauth2/token', true ); $hc->setopt_array ( array ( CURLOPT_POST => true, CURLOPT_POSTFIELDS => http_build_query ( array ( 'grant_type' => 'client_credentials', // << hardcoded 'client_id' => 'Q3sE0uuprHlZx3UbjPlnXX', 'client_secret' => 'Q3sE0uuprHlZx3UbjPlnXXQ3sE0uuprHlZx3UbjPlnXXQ3sE0uuprHlZx3UbjPln' ) ) ) ); $hc->exec (); hhb_var_dump ( $hc->getStdErr (), $hc->getStdOut () ); $json = $hc->getResponseBody (); $parsed = json_decode ( $json, true ); if (! isset ( $parsed ['access_token'] )) { throw new \RuntimeException ( 'failed to get access token!' ); } $access_token = $parsed ['access_token']; $hc->setopt_array ( array ( CURLOPT_HTTPGET => true, CURLOPT_URL => 'https://api.yelp.com/v3/businesses/' . urlencode ( 'dentistry-for-kids-and-adults-canyon-country' ), CURLOPT_HTTPHEADER => array ( 'Authorization: Bearer ' . $access_token ) ) ); $hc->exec (); hhb_var_dump ( $hc->getStdErr (), $hc->getStdOut () ); $json = $hc->getResponseBody (); $parsed = json_decode ( $json, true ); hhb_var_dump ( $parsed ); /* * the business search api seems to be severly broken, giving me 500 Internal Server Errors all the time... * $hc->setopt_array ( array ( * CURLOPT_POST => true, * CURLOPT_POSTFIELDS => http_build_query ( array ( * //'location' => "375 Valencia St, San Francisco" * //somewhere in San Francisco. * 'latitude'=>'37.7670169511878', * 'longitude'=>'-122.42184275' * * ) ), * CURLOPT_URL => 'https://api.yelp.com/v3/businesses/search', * CURLOPT_HTTPHEADER => array ( * 'Authorization: Bearer ' . $access_token * ) * ) ); * $hc->exec (); * hhb_var_dump ( $hc->getStdErr (), $hc->getStdOut () ); * $json = $hc->getResponseBody (); * $parsed = json_decode ( $json, true ); * hhb_var_dump ( $parsed ); */
you should also know that the 2nd parameter for hhb_curl :: __ construct is called $insecureAndComfortableByDefault - which disables SSL () certificate verification and enables compressed transfers (as to why this could be a problem, the Google ssl-crime vulnerability), and by disabled by default (in an attempt to be "safe by default"), but I usually support it for ease of development.