Access token issued to the client (e.g. Confluence) based on authorization_code or refresh_token

About OAuth2: https://tools.ietf.org/html/rfc6749

https://tools.ietf.org/html/rfc6749#section-1.4 Access tokens are credentials used to access protected resources. An access token is a string representing an authorization issued to the client. The string is usually opaque to the client. Tokens represent specific scopes and durations of access, granted by the resource owner, and enforced by the resource server and authorization server.

The client makes a request to the token endpoint by sending the following parameters using the "application/x-www-form-urlencoded" format per Appendix B with a character encoding of UTF-8 in the HTTP request entity-body...
```
curl -v -i -k -H "Authorization: OAuth" -X POST "https://example.com/orestapi/oauth2/access_token?grant_type=authorization_code&code=Sgw7P0b5XaDvedkrK1SRe6kTVG4&redirect_uri=URI&client_id=M3SIwV0JqDyguvhmV0nlvsMJz75DR48c&client_secret=bHOKmLn4PHsGL0sHQiTcSAyHCtZjrOGy"
```
Item | Description | Notes |
---|---|---|
endpoint | /orestapi/oauth2/access_token | |
http method | POST | |
Header | ||
Authorization | OAuth | |
Parameters | https://tools.ietf.org/html/rfc6749#section-4.1.1 | |
grant_type | REQUIRED Value MUST be set to "authorization_code". | Use "authorization_code", it is a static value |
code | REQUIRED The authorization code received from the authorization server | Created during ORESTAPI oauth2 authorization |
redirect_uri | REQUIRED x-www-form-urlencoded format | If the "redirect_uri" parameter was included in the authorization request as described in Section 4.1.1, the values MUST be identical. |
client_id | REQUIRED | The client_id of the application making the request |
client_secret | REQUIRED | The client_secret of the application making the request |
```
curl -v -i -k -H "Authorization: Basic fidsofjsdifpi8989fdsfodsd9wief" -X POST "https://example.com/orestapi/oauth2/access_token?grant_type=refresh_token&refresh_token=fdsifjsdf8sd9f8dsf"
```
Item | Description | Notes |
---|---|---|
endpoint | /orestapi/oauth2/access_token | dedicated, custom-developed endpoint for the OAuth2 authorization code access_token flow |
http method | POST | |
Header | ||
authorization | Basic | "Basic" + " " + base64 encoded client_id:client_secret |
Parameters | ||
grant_type | REQUIRED Value MUST be set to "refresh_token" | Use "refresh_token", it is a static value |
refresh_token | REQUIRED The refresh_token | Should be valid, if not, error is returned |
If the access token request is valid and authorized, the authorization server issues an access token and optional refresh token as described in Section 5.1. If the request failed client authentication or is invalid, the authorization server returns an error response as described in Section 5.2.
```
HTTP/1.1 200 OK
Content-Type: application/json;charset=UTF-8
Cache-Control: no-store
Pragma: no-cache

{
  "access_token":"2YotnFZFEjr1zCsicMWpAA",
  "token_type":"Bearer",
  "expires_in":360,
  "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA"
}
```
Parent | Key | Value Type | Description | Notes |
---|---|---|---|---|
- | access_token | string | Generated by Odoo | Reusable within expiry. Expires in 360s. |
- | token_type | string | Bearer | Static value |
- | expires_in | integer | 360 seconds | Hardcoded for now |
- | refresh_token | string | Generated by Odoo | Reusable within expiry. Expires in 3600s (10x the access_token). Upon every successful access_token request a new refresh_token is generated, so the validity time is prolonged. |
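
The refresh flow and the response table above, seen from the client side, as an added example (not ORESTAPI's or Odoo's own code). The helper names `refresh_request`, `TokenState` and `next_action` are hypothetical, the 30-second skew is an arbitrary choice, and the example assumes the endpoint accepts the parameters in the form-encoded body as the quoted RFC text describes.

```python
import base64
import json
import time
from urllib.parse import urlencode

TOKEN_PATH = "/orestapi/oauth2/access_token"  # endpoint from the tables above
REFRESH_LIFETIME = 3600                       # seconds, per the response table


def refresh_request(base_url, client_id, client_secret, refresh_token):
    """Build (url, headers, body) for the refresh_token grant without sending it."""
    creds = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    headers = {
        "Authorization": "Basic " + creds,
        "Content-Type": "application/x-www-form-urlencoded",
    }
    # Assumption: parameters go in the body, so tokens stay out of URLs and access logs.
    body = urlencode({"grant_type": "refresh_token", "refresh_token": refresh_token})
    return base_url.rstrip("/") + TOKEN_PATH, headers, body.encode()


class TokenState:
    """Tracks the current token pair and both expiry deadlines."""

    def __init__(self):
        self.access_token = self.refresh_token = None
        self.access_deadline = self.refresh_deadline = 0.0

    def update(self, raw_json, now=None):
        """Apply a 200 response body; each success carries a new refresh_token."""
        now = time.time() if now is None else now
        data = json.loads(raw_json)
        if data.get("token_type") != "Bearer":
            raise ValueError("unexpected token_type")
        expires_in = data["expires_in"]
        if isinstance(expires_in, bool) or not isinstance(expires_in, int) or expires_in <= 0:
            raise ValueError("expires_in must be a positive integer")
        self.access_token = data["access_token"]
        self.refresh_token = data["refresh_token"]  # store the newly issued one
        self.access_deadline = now + expires_in
        self.refresh_deadline = now + REFRESH_LIFETIME

    def next_action(self, now=None, skew=30):
        """Return 'use', 'refresh' or 'reauthorize' for the given time."""
        now = time.time() if now is None else now
        if self.access_token and now < self.access_deadline - skew:
            return "use"
        if self.refresh_token and now < self.refresh_deadline - skew:
            return "refresh"
        return "reauthorize"
```
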