For grant type "Resource Owner Credentials" the Authorization Broker supports the following HTTP request properties: ➢Access Token Endpoint: https://{host}:8061/binetix/oauth/token ➢Request Methods: GET, POST (recommended)
Notes: ✓In HTTPS mode with POST method you can encrypt all input parameter of the HTTP request as a standard form-based values. ✓By default, the Authorization Server is using self-signed certificate over HTTPS. |
The recommended service properties are used in the code samples below under localhost. Step 1: Send a request to retrieve new access token:
HTTP Request Header (POST)
Step 2: Check-out the response:
Implementation Notes: •In Basic Authorization mode the Client's credentials (Client ID and Client Secret) are encoded in BASE64 in accordance with RFC 2617. •The access token is generated in accordance with RFC 6750 and can be directly used as a string sequence in the header of the HTTP requests to the Protected Resource. •The access token's lifetime is calculated in seconds. The default value is 259200 sec. (eq. 72h or 3 full astronomical days). |
Configuration Samples & Testing
CURL (Windows PowerShell - insecure request with GET method)
|