Generating a bearer token

To retrieve a bearer token, the client must first perform a POST request to https://<environment url>/oauth with body "grant_type=client_credentials" and content type "application/x-www-form-urlencoded". This request needs to provide the user credentials, available in a provided apiKey.properties file, using basic authentication.

apiKey.properties

apiKey.id = (api key id value)
apiKey.secret = (api key secret value)

The http basic access authentication method is used by providing an Authorization request header with the "Basic " prefix followed by a base64 encoded "<username>:<password>" string.

In our example:

base64Encode("1DR3434KDFJLR32L53L4235J6:wqe34tyyh7679jokkDa$7df46bbbbjui+b7-sdfsdfY")
    = "MURSMzQzNEtERkpMUjMyTDUzTDQyMzVKNjp3cWUzNHR5eWg3Njc5am9ra0RhJDdkZjQ2YmJiYmp1aStiNy1zZGZzZGZZ"

The resulting successful response body will consist of a JSON object with the following fields:

Field Name Description
access_token The actual token value to use calls that require OAuth2.0 authentication
expires_in TTL (seconds)
scope Space separated list of permissions
token_type OAuth2.0 token type

Example

Request

POST /oauth HTTP/1.1
Host: dmo.metapack.com
Authorization: Basic MURSMzQzNEtERkpMUjMyTDUzTDQyMzVKNjp3cWUzNHR5eWg3Njc5am9ra0RhJDdkZjQ2YmJiYmp1aStiNy1zZGZzZGZZ
Content-Type: application/x-www-form-urlencoded
grant_type=client_credentials

Response

HTTP/1.1 200 OK
Access-Control-Allow-Headers: X-Requested-With,Content-Type
Access-Control-Allow-Methods: GET,PUT,POST,DELETE
Access-Control-Allow-Origin: *
Content-Length: 591
Content-Type: application/json; charset=utf-8
Date: Wed, 14 Jan 2015 14:42:51 GMT
X-Powered-By: Express
{
    "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiI1R1oyS0NWQzBXTDJMM1E1UVdITjA4SUw1IiwiaXNzIjoiaHR0cHM6Ly9hcGkuc3Rvcm1wYXRoLmNvbS92MS9hcHBsaWNhdGlvbnMvN01ibXRzWVRhSjBQOEY0bjBseHVJOSIsImlhdCI6MTQyMTI0NjU3MSwiZXhwIjoxNDIxMjUwMTcxLCJzY29wZSI6ImNhbi1jcmVhdGUtbG9jYXRpb25zIGNhbi1kZWxldGUtb3duLWxvY2F0aW9ucyBjYW4tdXBkYXRlLW93bi1sb2NhdGlvbnMgY2FuLWNyZWF0ZS1vd24tbG9jYXRpb24tcnVsZXMgIn0.HMoDne2AHWcAQCghCWbGRVbZeXITMfVA31t8HPUP4Rw",
    "expires_in": 3600,
    "scope": "can-create-locations can-delete-own-locations can-update-own-locations can-create-own-location-rules ",
    "token_type": "bearer"
}

results matching ""

    No results matching ""