POST /public/v1/auth
Request an access token using credentials for a registered client. The client's credentials
consist of an ID (or "key") and a secret. The credentials may be included in the request in
one of two ways:
- as HTTP Basic authentication credentials in the "Authorization" header;
- or as client_id and client_secret form parameters.
Only one of these two methods should be used. See
RFC 6749 Section 2.3.1 for
more details about the client authentication request.
Request Parameters
name |
type |
description |
default |
client_id |
form |
the client ID (only if not using HTTP Basic authentication) |
|
client_secret |
form |
the client secret (only if not using HTTP Basic authentication) |
|
grant_type |
form |
the authorization grant type (must be "client_credentials") |
|
scope |
form |
the scope of the access request |
|
Authorization |
header |
HTTP Basic authentication credentials |
|
Response Codes
code |
condition |
200 |
if the credentials are valid |
400 |
if the request is not valid in some way (the response body will have
details about the specific error) |
Response Body
media type |
data type |
description |
application/json |
AccessTokenResponse
(JSON) |
the access token |
Example
Request
POST /public/v1/auth
Accept: application/json
Authorization:
Response
HTTP/1.1 200 OK
Content-Type: application/json
{
"access_token" : "...",
"token_type" : "bearer",
"expires_in" : 3600,
"scope" : ""
}