i

Please enable JavaScript to view this site.

Documentation 8.3

Navigation: User Manual > Integration > Deyel Rest API > Security > OAuth 2.0

Resource Owner Password Credentials

To make calls, the following configuration should be used:

 

POST verb.

Add parameters using the format:

  "application/x-www-form-urlencoded".

Access credentials ("client_id" and "client_secret") must be sent in “Basic xxxxxx” format where the xxxxxx represent Base64 encoded values.

Specify the "grant_type" parameter with "password" value.

Specify the "username" parameter with the value of the resource owner's username.

Specify the "password" parameter with the value of the resource owner’s password.

Usage Example in Postman

 

The following is an example of an access token request from Postman.

 

 

API-EjemploUso-003

 

API-EjemploUso-004

 

The client makes the following HTTP request:

 

POST /oauth/token HTTP/1.1

Host: localhost:8080

Authorization: Basic REVZRUxCT1Q6Qk9UREVZRUwzMTIh

Content-Type: application/x-www-form-urlencoded

Content-Length: 54

grant_type=password&username=afarias&password=deyel123

 

If the access token request is valid and authorized, the authorization server issues an access token and a refresh token. If the client request failed authentication or is invalid, the authorization server returns an error response, such as for submitting a non-existent user.

 

Successful access token response:

 

 

{

    "access_token""eyJraWQiOiJrMSIsImFsZyI6IlJTMjU2I….ezCK4IWR7YU1NlMAuCFKE7mJw",

    "refresh_token""eyJraWQiOiJrMSIsImFsZyI6IlJTMjU….cL_mqernCGkQ",

    "token_type""Bearer",

    "expires_in": 86400

}

 

 

Failed answer:

 

 

{

    "error_description""Invalid client_id",

    "error""Invalid_request"

}

Send us your comment
Share on Twitter Share on Linkedin Send by Email Print