Download OpenAPI specification:Download
Provide access_token to registered clients/services. Issue OAuth2 compliant authorization token.
Client integration notes:
1. This end point is in compliance with OAuth2 RFC 6749 to authenticate registered confidential clients with grant_type=client_credentials over HTTPS channel.
2. Clients MUST obtain client_id, client_secret as part of client registration.
2. Clients MUST ensure to secure sensitive information e.g, client_secret, access_token, etc.,
3. RFC 6749 section 4.4.3 recommends NO support for refresh access_token.
4. Successfully authenticated clients SHALL receive bearer type access_token.
5. Clients MUST set HTTP Authorization: Bearer
6. Rest end points SHALL return http status 401 when access_token is invalid or expired.
| accept-language | string Example: en Default value: en |
| timestamp required | string Example: Tue, 06 Mar 2020 21:00:00 GMT request timestamp in HTTP Date format - Tue, 06 Mar 2020 21:00:00 GMT |
| message_id | string Example: 123456789020211216223812 Unique message id to communicate between sender and receiver systems and it's scope is restricted to transport layer only to successfully devier the message between sender and receiver. |
| grant_type required | string Value must be set to client_credentials |
| client_id required | string The client identifier issued to the client during the registration process described by RFC 6749 Section 2.2. |
| client_secret required | string client secret shared to clients as part of client registration process or regualar rotation of client_secret. |
| scope | string (OidcScope) OIDC complaint auth tokens issued by an authorization service for OAuth2, OIDC complaint clients. |
{- "access_token": "2YotnFZFEjr1zCsicMWpAA",
- "token_type": "bearer",
- "expires_in": "36000"
}