This release is only available for SugarCloud customers.
/oauth2/token POST
Overview
Retrieves the token portion of the OAuth 2.0 specification.
Request Arguments
| Name | Type | Description | Required |
|---|---|---|---|
| grant_type | String | Type of request. Available grant types are "password" and "refresh_token". | True |
| client_id | String | Used to identify the client. A client_id of "sugar" will automatically create an OAuth Key in the system that is used for "password" authentication. A client_id of "support_portal" will create an OAuth Key that will allow for portal authentication. Additional client_id's can be created by the administrator in Admin > OAuth Keys to allow for additional grant types. If the client secret is populated, it will be validated against the client id. | True |
| client_secret; | String | The clients secret key. | True |
| username | String | The username of the user authenticating to the system. | True |
| password | String | The plaintext password the user authenticating to the system. | True |
| platform | String | The platform type. Available types are "base", "mobile", and "portal". | True |
Request for Password Grant Types
{
"grant_type":"password",
"client_id":"sugar",
"client_secret":"",
"username":"admin",
"password":"password",
"platform":"base"
}
Request for Refresh Token Grant Types
{
"grant_type":"refresh_token",
"refresh_token":"c1be5132-655b-1ca3-fb44-512e36709871",
"client_id":"sugar",
"client_secret":"",
"platform":"base"
}
Response Arguments
| Name | Type | Description |
|---|---|---|
| access_token | String | The access token needed to authenticate for other methods. |
| expires_in | Integer | The length of time until access_token expires in seconds. |
| token_type | String | The token type. Currently only "bearer" is supported. |
| null| | The Oauth scope. Normally returned as null. | |
| refresh_token | String | The token needed to extend the access_token expiration timeout. |
| refresh_expires_in | Integer | The length of time until refresh_token expires in seconds. |
| download_token | String | The token used to download images and files. |
Response
{
"access_token":"802b64c0-5eac-8431-a541-5342d38ac527",
"expires_in":3600,
"token_type":"bearer",
"scope":null,
"refresh_token":"85053198-24b1-4521-b1a1-5342d382e0b7",
"refresh_expires_in":1209600,
"download_token":"8c9b5461-0d95-8d87-6084-5342d357b39e"
}
Change Log
| Version | Change |
|---|---|
| v10 | Added /oauth2/token POST endpoint. |
Last modified: 2021-01-06 23:28:41