Page tree

Citypoint - контроль и аналитика автопарка

Skip to end of metadata
Go to start of metadata

Authorization implements oAuth2 protocol using login and password (password credentials grant)

Request:

URL:

POST https://api.url/v2.1/oauth/token

Request headers:

Content-Type:  application/x-www-form-urlencoded or multipart/form-data


Request parameters:

ParameterTypeDefault valueDescription
grant_typestring

Authorization type

Must be set to <password> at first time

client_idint

Client identifier

(obtaining on demand)

client_secretstring

Client secret key

(obtaining on demand)

usernamestring
User login
passwordstring
User password
scopestring

Required API scopes

Ignore this parameter if need only v2.1 API

Response:


ПолеОписание
token_typeToken type
expires_inToken lifetime (days)
access_token

An access token is a string (JWT format) that identifies a user (contains field <user_id>).

refresh_tokenA refresh token is the credential that can be used to acquire new access token instead of expired one.


Response codes:

200 ОК - Server has processed the request. Response contains tokens.

401 Unauthorized - Invalid user name, password or client secret were sent.

400 Bad Request - Unsupported parameters were sent or server failed to process the request (response contains error description).

Other errors are possible

Example

POST http://api.url/v2.1/oauth/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded

grant_type=password&client_id=1&client_secret=my_sercret&username=demo&password=demo&scope=api:mobile

HTTP/1.1 200 OK
Content-Type: application/json
					
{
    "token_type": "Bearer",
    "expires_in": 43200,
    "access_token": "access key",
    "refresh_token": "refresh key"
} 



  • No labels