OAuth 2.0 - Client Credentials
The service-provider may create an authorization web-service that supports the OAuth 2.0 (D. Hardt, Ed., 2012) Client Credentials grant type. BOG will use the HTTP POST request method to communicate with the authorization endpoint.
Header Parameters
Content-Type (required): application/x-www-form-urlencoded
Body Parameters
grant_type (required): client_credentials
The value is a static text: client_credentials
client_id (required): <client_id>
client_secret (required): <client_secret>
- CURL
curl --location --request POST 'http://localhost:8080/ess-api/authenticate' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'client_id=client_id' \
--data-urlencode 'client_secret=client_secret'
Response
The service-provider must return the following JSON response:
access_token (string)
The token received from the authorization server.
created_at (string)
UNIX timestamp: the number of milliseconds that have passed since January 1st, 1970 (UTC).
expires_in (number)
The number of seconds the token stays active.
token_type (number)
Token type (a static value: Bearer).
- RESPONSE
{
"access_token": "xx82194x21412xxx219124x678x888x2xxx1900xx",
"created_at": 1693236686855,
"expires_in": 300,
"token_type": "Bearer"
}
For any subsequent calls to the API, when the token is valid, BOG will use the HTTP header of the form:
Authorization (required): Bearer <token>
"Bearer " + "<token>" (e.g.: "Bearer xx82194x21412xxx219124x678x888x2xxx1900xx"),
where token is the value returned from the service-provider's authorization endpoint.
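A service-provider-side sketch of the flow described above, as an added example that is not part of the original documentation: it validates the form-encoded token request, issues a token in the documented response shape, and checks the Authorization header on later calls. The function names, the in-memory stores, the HTTP status codes and the error bodies (taken from RFC 6749) are assumptions; the page does not specify error handling.

```python
import hmac
import secrets
import time
from urllib.parse import parse_qs

# Constructed sample credentials; a real deployment loads these from a secret store.
CLIENTS = {"client_id": "client_secret"}
TOKEN_TTL = 300   # seconds, matches expires_in in the sample response
_tokens = {}      # access_token -> expiry (epoch seconds); in-memory for the example

def issue_token(content_type, body, now=None):
    """Handle the POST to the authorization endpoint; returns (status, json_dict)."""
    now = time.time() if now is None else now
    if content_type.split(";")[0].strip().lower() != "application/x-www-form-urlencoded":
        return 400, {"error": "invalid_request"}
    form = {k: v[0] for k, v in parse_qs(body).items()}
    if form.get("grant_type") != "client_credentials":
        return 400, {"error": "unsupported_grant_type"}
    expected = CLIENTS.get(form.get("client_id", ""))
    supplied = form.get("client_secret", "")
    # Run the constant-time comparison even for unknown clients, so response
    # timing does not distinguish a wrong client_id from a wrong secret.
    ok = hmac.compare_digest((expected or "").encode(), supplied.encode())
    if expected is None or not ok:
        return 401, {"error": "invalid_client"}
    token = secrets.token_hex(32)   # 256 bits from the OS CSPRNG
    _tokens[token] = now + TOKEN_TTL
    return 200, {"access_token": token, "created_at": int(now * 1000),
                 "expires_in": TOKEN_TTL, "token_type": "Bearer"}

def check_bearer(authorization, now=None):
    """Validate the 'Authorization: Bearer <token>' header on subsequent calls."""
    now = time.time() if now is None else now
    scheme, _, token = (authorization or "").partition(" ")
    if scheme != "Bearer" or not token:
        return False
    expiry = _tokens.get(token)
    if expiry is None:
        return False
    if now >= expiry:               # expires_in seconds have elapsed
        _tokens.pop(token, None)
        return False
    return True
```
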