OAuth 2.0 Access Token Request
  • 08 Jul 2024
  • 1 Minute to read
  • Dark
    Light

OAuth 2.0 Access Token Request

  • Dark
    Light

Article summary

Issue a POST to /idp/profile/oauth2/token  using the application/x-www-form-urlencoded format with a character encoding of UTF-8 and the following parameters in the request body:

Parameter

Type

Description

grant_type

String required

"authorization_code"

code

String required

The value of the "code" parameter from the previous response.

redirect_uri

String required

The registered callback URL Must match exactly the value used in the previous request.

client_id

String optional

Your Client ID. This is required if HTTP Basic Authentication is not used.

client_secret

String optional

Your Client Secret. This is required if HTTP Basic Authentication is not used.

As shown in the above table, HTTP Basic Authentication may be used instead of providing client_id and client_secret as request parameters.  In that case the Client ID should be used as the username and the Client Secret should be used as the password.


Was this article helpful?

ESC

Eddy AI, facilitating knowledge discovery through conversational intelligence