/oauth2/token POST
Overview
Retrieves the token portion of the OAuth 2.0 specification.
Request Arguments
| Name |
Type |
Description |
Required |
|---|
| grant_type |
String |
Type of request. Available grant types are "password" and "refresh_token". |
True |
| client_id |
String |
Used to identify the client. A client_id of "sugar" will automatically create an OAuth Key in the system that is used for "password" authentication. A client_id of "support_portal" will create an OAuth Key that will allow for portal authentication. Additional client_id's can be created by the administrator in Admin > OAuth Keys to allow for additional grant types. If the client secret is populated, it will be validated against the client id. |
True |
| client_secret; |
String |
The clients secret key. |
True |
| username |
String |
The username of the user authenticating to the system. |
True |
| password |
String |
The plaintext password the user authenticating to the system. |
True |
| platform |
String |
The platform type. Available types are "base", "mobile", and "portal". |
True |
Request for Password Grant Types
{
"grant_type":"password",
"client_id":"sugar",
"client_secret":"",
"username":"admin",
"password":"password",
"platform":"base"
}
Request for Refresh Token Grant Types
{
"grant_type":"refresh_token",
"refresh_token":"c1be5132-655b-1ca3-fb44-512e36709871",
"client_id":"sugar",
"client_secret":"",
"platform":"base"
}
Response Arguments
| Name |
Type |
Description |
|---|
| access_token |
String |
The access token needed to authenticate for other methods. |
| expires_in |
Integer |
The length of time until access_token expires in seconds. |
| token_type |
String |
The token type. Currently only "bearer" is supported. |
| null| |
|
The Oauth scope. Normally returned as null. |
| refresh_token |
String |
The token needed to extend the access_token expiration timeout. |
| refresh_expires_in |
Integer |
The length of time until refresh_token expires in seconds. |
| download_token |
String |
The token used to download images and files. |
Response
{
"access_token":"802b64c0-5eac-8431-a541-5342d38ac527",
"expires_in":3600,
"token_type":"bearer",
"scope":null,
"refresh_token":"85053198-24b1-4521-b1a1-5342d382e0b7",
"refresh_expires_in":1209600,
"download_token":"8c9b5461-0d95-8d87-6084-5342d357b39e"
}
Change Log
| Version |
Change |
|---|
| v10 |
Added /oauth2/token POST endpoint. |