Overview
Retrieves the token portion of the OAuth 2.0 specification.
Request Arguments
| Name |
Type |
Description |
Required |
|
grant_type
|
String
|
Type of request. Available grant types are "password" and "refresh_token".
|
True
|
|
client_id
|
String
|
Used to identify the client. A client_id of "sugar" will automatically create an OAuth Key in the system that is used for "password" authentication. A client_id of "support_portal" will create an OAuth Key that will allow for portal authentication. Additional client_id's can be created by the administrator in Admin > OAuth Keys to allow for additional grant types. If the client secret is populated, it will be validated against the client id.
|
True
|
|
client_secret;
|
String
|
The clients secret key.
|
True
|
|
username
|
String
|
The username of the user authenticating to the system.
|
True
|
|
password
|
String
|
The plaintext password the user authenticating to the system.
|
True
|
|
platform
|
String
|
The platform type. Available types are "base", "mobile", and "portal".
|
True
|
Request for Password Grant Types
{
"grant_type":"password",
"client_id":"sugar",
"client_secret":"",
"username":"admin",
"password":"password",
"platform":"base"
}
Request for Refresh Token Grant Types
{
"grant_type":"refresh_token",
"refresh_token":"c1be5132-655b-1ca3-fb44-512e36709871",
"client_id":"sugar",
"client_secret":"",
"platform":"base"
}
Response Arguments
| Name |
Type |
Description |
|
access_token
|
String
|
The access token needed to authenticate for other methods.
|
|
expires_in
|
Integer
|
The length of time until access_token expires in seconds.
|
|
token_type
|
String
|
The token type. Currently only "bearer" is supported.
|
|
null|
|
|
The Oauth scope. Normally returned as null.
|
|
refresh_token
|
String
|
The token needed to extend the access_token expiration timeout.
|
|
refresh_expires_in
|
Integer
|
The length of time until refresh_token expires in seconds.
|
|
download_token
|
String
|
The token used to download images and files.
|
Response
{
"access_token":"802b64c0-5eac-8431-a541-5342d38ac527",
"expires_in":3600,
"token_type":"bearer",
"scope":null,
"refresh_token":"85053198-24b1-4521-b1a1-5342d382e0b7",
"refresh_expires_in":1209600,
"download_token":"8c9b5461-0d95-8d87-6084-5342d357b39e"
}
Change Log
| Version |
Change |
|
v10
|
Added /oauth2/token POST endpoint.
|