Server Side Apps
In some cases an application may need to authenticate itself, rather than a human user. An example of this could be an application that must spin up at some set interval and run some logic that requires authentication and authorization. In this case the application would need to get its own access_token. This is why we provide the client_credentials grant type.
The token endpoint
- Method: POST
- Endpoint: ${serverRoot}/oauth/token
Query Params

| Query Parameter | Type | Description |
| --- | --- | --- |
| grant_type | string | Required. This value must be set to client_credentials |

| Header | Value | Description |
| --- | --- | --- |
| Authorization | Basic | Required. The user's bearer token |
- An example of how to create the base64EncodedClientIdAndSecret is below:
$ echo -n "yourClientId:yourClientSecret" | base64
Response:
* If the request is successful the response will look similar to the following:
HTTP/1.1 200 OK
Content-Type: application/json
Cache-Control: no-store
{
  "access_token":"someAccessTokenValue",
  "token_type":"Bearer",
  "expires_in":3600,
  "refresh_token":"SomeRefreshTokenValue"
}
An example of how to invoke is below:
$ curl --location --request POST 'http://localhost:8381/oauth/token?grant_type=client_credentials' \
--header 'Authorization: Basic TheBase64EncodedClientIdAndSecret=='
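
The flow above from the point of view of a scheduled server-side app, as an added example that is not code from this project: it builds the Basic header, posts to the token endpoint, and reuses the access_token until shortly before expires_in runs out. The class name and the `send`, `clock` and `skew` parameters are hypothetical names chosen for this sketch.

```python
import base64
import json
import time
import urllib.request


class ClientCredentialsToken:
    """Fetch and cache an access_token using the client_credentials grant."""

    def __init__(self, server_root, client_id, client_secret,
                 send=None, clock=time.monotonic, skew=30):
        # Endpoint and query parameter as documented on this page.
        self.url = f"{server_root}/oauth/token?grant_type=client_credentials"
        self._id, self._secret = client_id, client_secret
        self._send = send or self._http_send   # injectable for offline tests
        self._clock, self._skew = clock, skew  # skew: renew this many seconds early
        self._token, self._expires_at = None, 0.0

    def basic_header(self):
        # Same value as: echo -n "id:secret" | base64, prefixed with "Basic ".
        raw = f"{self._id}:{self._secret}".encode("utf-8")
        return "Basic " + base64.b64encode(raw).decode("ascii")

    @staticmethod
    def _http_send(url, headers):
        req = urllib.request.Request(url, data=b"", method="POST", headers=headers)
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, resp.read()

    def get(self):
        """Return a cached token, requesting a new one only when it is near expiry."""
        if self._token and self._clock() < self._expires_at:
            return self._token
        status, body = self._send(self.url, {"Authorization": self.basic_header()})
        if status != 200:
            # Report the status only; never log the secret or the response body.
            raise RuntimeError(f"token request failed with HTTP {status}")
        doc = json.loads(body)
        if str(doc.get("token_type", "")).lower() != "bearer" or not doc.get("access_token"):
            raise ValueError("unexpected token response")
        self._token = doc["access_token"]
        lifetime = int(doc.get("expires_in", 0))
        self._expires_at = self._clock() + max(0, lifetime - self._skew)
        return self._token
```

In a deployed job, read the client id and secret from the environment or a secret store rather than from source code or command-line arguments.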