Hello Mike good year, not worry thank you for the answer

I realized that problem was the javascript security that don't allow the access to 2 differents https domine or protocol.. Infact debugging everything was fine
Only .document was not accessible so never comeback to application and never close the popup login window

but Today 2016 so I wake up this morning with another solution in mind that by pass the limit of javascript authorization working with 2 different https domine
infact Fortunately there was another way to get the personal access code, it is what they call PAT to get a personal code authorization.
So I solved the first important

Without need oAuth2 only using Http class. But now that I got the Authorization Code I can get access to all other functions using oAuth2 class

This is how I solved.

Object oUPHttp is a cHttpTransferUIG

Function createauthorization String soptToken String username String password String smycomment Returns Boolean
String sReDir sID sSecret sPath sHost sData sVar sBody
Integer iLen iOK
Address aBinary

Move "v0/me/tokens" to sPath

Send Reset
Set psRemoteHost to "api.uphold.com"
Set piRemotePort to rpHttpSSL // Is this always the case?
Set peTransferFlags to ifSecure // Presumably this *is* always the case

// aBinary could be any binary data of length iLen.
Move ( trim( String(username))+":" + (trim(String(password )))) to sData
Move (AddressOf(sData)) to aBinary
Move (Length(sData)) to iLen


// base64Encode to string
Get Base64EncodeToStr of oCharTranslate aBinary iLen to sVar
Get AddHeader "Content-Type" "application/json" to iOK

Get AddHeader "Authorization" ("Basic" * (String(sVar)) ) to iok
Get AddHeader "Access-Control-Allow-Origin" "*" to iOK // it don't really need
If (soptToken >"") Get AddHeader "X-Bitreserve-OTP" (String( soptToken)) to iok // double authentication factor if enabled on the uphold backoffice it need
// to get before send command need to login uphold and receive sms by code
//soptToken Must be = to the sms token received by uphold
Move ('{ "description": '+'"'+sMyComment+'" }' to sBody

Get HttpVerbAddrRequest sPath (AddressOf(sBody)) (Length(sBody)) False "POST" to iOK
Function_Return iOK
End_Function
end_object
After the succesfull "POST" , using psgetdata I can check the return data in json format somenthing like

//{"accessToken":"xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx","descr iption":"My command line script","id" :"yyyyyyyyyyyyyyyyyyyyyyyyyyyy"}
accessToken is what I need to can do all other stuff

There is a DF Json class to parse this string like we can do with Xml? or I need to parse by myself, it is not a problem of course do it. But always better use standard df classes/methods.

Anyway now I can create a df Class with all functions to read/write create transactions, money transfer and more.... using oAuth2, when finish I will publish here the source! Hope to not found other problems

Hope this was more complex part (:>) I lost 2 full days to can write these few lines of code (:<)