OAuth API
  • 28 Feb 2023
  • 1 Minute to read
  • Dark
    Light

OAuth API

  • Dark
    Light

Article summary

Document VersionAPI VersionRelease notesRelease DateAuthor
V1.0V12022-05-19Hardy, Cyrus

Contents

Token

The token endpoint can be used to programmatically request tokens. It supports the password.

Token JSON Format

Token is represented as simple flat JSON objects with the following keys:

NameTypeDescription
access_tokenstringAccess token.
expires_inintegerThe lifetime in seconds of the token.
token_typestringToken type.

Request token by Password

POST /oauth/token

Parameters

NameTypeInRequiredDescription
client_idstringformyesClient id.
grant_typestringformyesThe value is "password".
emailstringformyesResource owner email.
passwordstringformyesResource owner password.
partnerIdstringqueryyesId of the partner.

Response

The response is a Token object.

Example

Sample Request:

curl https://partner.comm100.io/oauth/token?partnerId=10000  \
-H 'Content-Type: application/x-www-form-urlencoded' \ 
-X 'POST'  \
-D 'client_id=1d29e6d7-18cf-407d-a064-e4f8c4baefab&grant_type=password&email=client1@company.com&password=******'

Response

HTTP/1.1 200 OK
Content-Type:  application/json
{
    "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6ImF0K2p3dCJ9.eyJuYmYiOjE2NTI5MzkzOTEsImV4cCI6MTY1Mjk4MjU5MSwiaXNzIjoiaHR0cDovL2ludGVybmFscGFydG5lci50ZXN0aW5nLmNvbW0xMDBkZXYuaW8iLCJhdWQiOiJpZHMucmVzb3VyY2UuMSIsImNsaWVudF9pZCI6ImRhdGFzeW5jIDEwMDAwIiwic3ViIjoiYmZlYjQ1ZDctNTBkYy00MTZkLWIzYzgtMzVkYjY0ZDI4OGYzIiwiYXV0aF90aW1lIjoxNjUyOTM5MzkxLCJpZHAiOiJsb2NhbCIsInVzZXJJZCI6ImJmZWI0NWQ3LTUwZGMtNDE2ZC1iM2M4LTM1ZGI2NGQyODhmMyIsInBhcnRuZXJJZCI6IjEwMDAwIiwidGh1bWJwcmludCI6Ijk2MTY2Q0EzQjM0QUJGMkQwNERGOTZBMDE1QkJEREQwOUIwQTdDNTkiLCJzdWNjZXNzIjoiVHJ1ZSIsInJvbGUiOiJVc2VyIiwianRpIjoiODVFNzUzQTYwRDY4MzI4MjlEMkU4MDEwNUU3NTAwNjIiLCJpYXQiOjE2NTI5MzkzOTEsInNjb3BlIjpbImlkcy5zY29wZSIsIm9wZW5pZCIsInByb2ZpbGUiLCJvZmZsaW5lX2FjY2VzcyJdLCJhbXIiOlsicHdkIl19.ADZQq2R3-zJl_Bg9jOUREvrXvvmLc669iZSUZhU6oRmd6vu1UXU8VkXgxQZSk4pFxCW7j2UGuDi0jTF27e5W4PzyGWmE-qj9gE-iY9b7PSOPwYENS8rylFwB3dL7f_qlQCbzQ2kUoCoAlIPLqVbQHN76ftMoo57Ge9rg0xOw-BJT4GBKiflgE6dz8ikQhlg7_DAM-JY51Vk7bmsvny356P5Rv5cdJnBvrCCqAJeV-Y5jzUblAKx61HSZE9gBoRhYOprYgK37pw3XMqG9H5BvCr32DSufA0U91rA1sOX945yNLrYAAsDHlMO2-nmEHgOMFrnIOvzsgjnMktcxkR0NQG",
    "token_type": "Bearer",
    "expires_in": 43200
}

User Info

The UserInfo endpoint can be used to retrieve identity information of a user.

User Info JSON Format

User Info is represented as simple flat JSON objects with the following keys:

NameTypeRead-onlyMandatoryDescription
agentIdstringyesnoAgent ID.
siteIdstringyesnoSite ID.
rolestringyesnoRole.

Get user info

GET /oauth/userinfo

Parameters

NameTypeInRequiredDescription
AuthorizationstringheaderyesBearer <access_token>.

Response

The response is a User Info object.

Example

Sample Request:

curl https://partner.comm100.io/oauth/userinfo  \
-H 'Authorization:Bearer <access_token>'  \

Response

HTTP/1.1 200 OK
Content-Type:  application/json
{
    "agentId": "f9683b7b-e332-4864-b725-ac6cdc207dbd",
    "siteId": 10115,
    "role": "AGENT"
}

Was this article helpful?

What's Next