For grant type "Implicit Grant" the Authorization Broker supports the following HTTP request properties: ➢Authorization Endpoint: https://{host}:8061/binetix/oauth ➢Request Methods: GET (recommended), POST
Notes: ✓In HTTPS mode with POST method you can encrypt all input parameter of the HTTP request as a standard form-based values. ✓By default, the Authorization Server is using self-signed certificate over HTTPS. |
The recommended service properties are used in the code samples below under localhost. Step 1: Send a request to retrieve new access token:
HTTP Request Header (GET)
Step 2: Check-out the response:
Implementation Notes: •Note that the request URI directs you to Authorization Endpoint. •The HTTP Request Body should be empty. •The HTTP Response Body is empty. •The HTTP Response Code in normal circumstances corresponds to the redirection method selected on ground of the URI specified in redirect_uri filed. •In the sample above this field in URI query is empty and the Authorization Server has automatically selected a relative path specified in the Location field within the response header. This technique could be quite useful - you can just parse the query data from the Location field and to extract the access_token. •The access token is generated in accordance with RFC 6750 and can be directly used as a string sequence in the header of the HTTP requests to the Protected Resource. •The access token's lifetime is calculated in seconds. The default value is 259200 sec. (eq. 72h or 3 full astronomical days). |