ORESTAPI oauth2 access_token
Access token issued to the client (e.g. Confluence) based on authorization_code or refresh_token
Notes
About OAuth2: https://tools.ietf.org/html/rfc6749
About access_token
https://tools.ietf.org/html/rfc6749#section-1.4
Access tokens are credentials used to access protected resources. An access token is a string representing an authorization issued to the client. The string is usually opaque to the client. Tokens represent specific scopes and durations of access, granted by the resource owner, and enforced by the resource server and authorization server.
Request - authorization_code
The client makes a request to the token endpoint by sending the following parameters using the "application/x-www-form-urlencoded" format per Appendix B with a character encoding of UTF-8 in the HTTP request entity-body...
curl -v -i -k -H "Authorization: OAuth" -X POST "https://example.com/orestapi/oauth2/access_token?grant_type=authorization_code&code=Sgw7P0b5XaDvedkrK1SRe6kTVG4&redirect_uri=URI&client_id=M3SIwV0JqDyguvhmV0nlvsMJz75DR48c&client_secret=bHOKmLn4PHsGL0sHQiTcSAyHCtZjrOGy"
Item | Description | Notes |
---|---|---|
endpoint | /orestapi/oauth2/access_token | |
http method | POST | |
Header | ||
Authorization | OAuth | |
Parameters | https://tools.ietf.org/html/rfc6749#section-4.1.1 | |
grant_type | REQUIRED Value MUST be set to "authorization_code". | Use "authorization_code", it is a static value |
code | REQUIRED The authorization code received from the authorization server | Created during ORESTAPI oauth2 authorization |
redirect_uri | REQUIRED x-www-form-urlencoded format | If the "redirect_uri" parameter was included in the authorization request as described in Section 4.1.1, the two values MUST be identical. |
client_id | REQUIRED | The client_id of the application making the request |
client_secret | REQUIRED | The client_secret of the application making the request |
Request - refresh_token
curl -v -i -k -H "Authorization: Basic fidsofjsdifpi8989fdsfodsd9wief" -X POST "https://example.com/orestapi/oauth2/access_token?grant_type=refresh_token&refresh_token=fdsifjsdf8sd9f8dsf"
Item | Description | Notes |
---|---|---|
endpoint | /orestapi/oauth2/access_token | Dedicated, custom-developed endpoint for the oauth2 authorization code access_token flow |
http method | POST | |
Header | ||
authorization | Basic | "Basic" + " " + base64 encoded client_id:client_secret |
Parameters | ||
grant_type | REQUIRED Value MUST be set to "refresh_token" | Use "refresh_token", it is a static value |
refresh_token | REQUIRED The refresh_token | Should be valid, if not, error is returned |
Response
If the access token request is valid and authorized, the authorization server issues an access token and optional refresh token as described in Section 5.1. If the request failed client authentication or is invalid, the authorization server returns an error response as described in Section 5.2.

HTTP/1.1 200 OK
Content-Type: application/json;charset=UTF-8
Cache-Control: no-store
Pragma: no-cache

{
  "access_token":"2YotnFZFEjr1zCsicMWpAA",
  "token_type":"Bearer",
  "expires_in":360,
  "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA"
}

Parent | Key | Value Type | Description | Notes |
---|---|---|---|---|
- | access_token | string | Generated by Odoo | Reusable within expiry. See settings at ORESTAPI Applications |
- | token_type | string | Bearer | Static value |
- | expires_in | integer | 360 seconds | See settings at ORESTAPI Applications |
- | refresh_token | string | Generated by Odoo | Reusable within expiry. Expires in 3600s (10x the access_token). Upon every successful access_token request a new refresh_token is generated, so the validity time is prolonged. |
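
The refresh_token request and the rotation rule in the table above, as an added client-side sketch (not code from ORESTAPI or Odoo). It caches the access_token, refreshes shortly before expires_in runs out, and always keeps the newest refresh_token. Assumptions: the `send` transport hook and the `skew` margin are hypothetical names, and the parameters are sent in the form-encoded request body as the RFC text quoted above describes, which keeps them out of URLs and access logs.

```python
import base64
import json
import time
from urllib.parse import urlencode

TOKEN_URL = "https://example.com/orestapi/oauth2/access_token"  # host as in the page's curl lines

def build_refresh_request(client_id, client_secret, refresh_token):
    """Headers and form body for the refresh_token grant in the table above."""
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    headers = {"Authorization": "Basic " + basic,
               "Content-Type": "application/x-www-form-urlencoded"}
    body = urlencode({"grant_type": "refresh_token", "refresh_token": refresh_token})
    return headers, body.encode()

class TokenStore:
    """Caches the access_token and follows refresh_token rotation."""

    def __init__(self, client_id, client_secret, send, clock=time.monotonic, skew=30):
        # send(url, headers, body) -> (status, text) is a hypothetical transport hook
        self.client_id, self.client_secret = client_id, client_secret
        self.send, self.clock, self.skew = send, clock, skew
        self.access = self.refresh = None
        self.expires_at = 0.0

    def update(self, text):
        """Store a successful token response (fields as in the response table)."""
        data = json.loads(text)
        self.access = data["access_token"]
        # Each successful request issues a new refresh_token; keep the newest one.
        self.refresh = data.get("refresh_token", self.refresh)
        self.expires_at = self.clock() + int(data["expires_in"]) - self.skew

    def access_token(self):
        """Return a valid access_token, refreshing shortly before expiry."""
        if self.access is None or self.clock() >= self.expires_at:
            if self.refresh is None:
                raise RuntimeError("no refresh_token; run the authorization_code grant")
            headers, body = build_refresh_request(
                self.client_id, self.client_secret, self.refresh)
            status, text = self.send(TOKEN_URL, headers, body)
            if status != 200:
                # Error response: keep stored tokens unchanged and surface the failure.
                raise RuntimeError(f"token refresh failed: HTTP {status}: {text}")
            self.update(text)
        return self.access
```

Call `update()` once with the body returned by the authorization_code request, then use `access_token()` before every API call.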