OAuth2 API

Get Authorization Token

post

This request is used by Thales to retrieve an OAUTH 2.0 access authorization token to be used for outgoing issuer API requests.

Header parameters

authorizationstringRequired

The authorization header includes a client secret in base64URL encoded format following this syntax: Basic "[clientId:client secret]" as per https://www.rfc-editor.org/rfc/rfc2617

Example: Basic aXNfdGJhbmswMToxMjM=

Body

grant_typestring · enumRequiredPossible values:

scopestringOptional

Access request scope as optionally defined by the issuer

Responses

200

Default allowed response

application/json

access_tokenstringRead-onlyRequired

The access token issued by the authorization server

Example: ey...HRT6LOON7w

expires_instringRead-onlyOptional

Remaining time in seconds for the access_token to expire.

Example: 900

scopestringRead-onlyOptional

Scope of the access_token.

token_typeundefined · enumRequired

Type of the access_token that will be used to call Issuer APIs.

Example: BearerPossible values:

expires_atstringRead-onlyOptional

Access token expiration timestamp

Example: 2023-06-06T05:05:59.711Z

400

Bad request

post

/oauth2/token

POST /authz/d1/v1/oauth2/token HTTP/1.1
Host: YOUR_DOMAIN
authorization: Basic aXNfdGJhbmswMToxMjM=
Content-Type: application/x-www-form-urlencoded
Accept: */*
Content-Length: 50

"grant_type='client_credentials'&scope='text'"

{
  "access_token": "ey...HRT6LOON7w",
  "expires_in": "900",
  "scope": "text",
  "token_type": "Bearer",
  "expires_at": "2023-06-06T05:05:59.711Z"
}

PreviousOutbound API (from D1)NextConsumer API

Last updated 4 months ago

Was this helpful?