...
Parameters must be send using MIME type application/x-www-form-urlencodedor application/json.
| Code Block |
|---|
https://beta-api.ambita.com/authentication/v2/token
client_id=anClientId&client_secret=theSecret&grant_type=client_credentials
|
...
The user must be registered in the Ambita Usercatalog. Parameters must be send Example below is using MIME type application/x-www-form-urlencoded.
| Code Block |
|---|
https://beta-api.ambita.com/authentication/v2/token
username=12000aUser&grant_type=trusted&client_id=aClientId&client_secret=aClientSecret
|
If authentication is successful, a JSON will be returned:
| Code Block |
|---|
{ "access_token" : "091ec7e2-40c5-43ea-9fb8-13e9f50b6db0", "token_type" : "Bearer", "expires_in" : 3600, "refresh_token" : "4db616c4-c72e-4022-96cc-f95816185531", "scope":[] } |
Refresh a token
When a token expires the client must choose between refreshing the token using the refresh_token or authenticating again as described above. Refreshing a token is pretty similar to authenticating. You don't need to send in client_id and client_secret for non-confidential clients. You post to the token service POST /authentication/v2/token but uses grant_type=refresh_token. For confidential clients the following parameters are required:
...