OAuth 2.0 Authentication
How to obtain credentials
You get client_id and client_secret when you create a client as
described in Managing clients. username and password are
managed as described in Managing users.
Get access token: Client Credentials Grant
InfoLink implements the Client Credentials Grant flow of the OAuth 2.0 specification.
To get an access token, send a POST /api/v1/oauth2/token request with
the following parameters in “application/x-www-form-urlencoded”
format:
- grant_type - must be set to “client_credentials”
- client_id
- client_secret
For example:
Invoke-WebRequest -UseBasicParsing http://<host>/api/v1/oauth2/token -ContentType "application/x-www-form-urlencoded" -Method POST -Body "grant_type=client_credentials&client_id=9605c5d5-2a1b-49cc-8aaa-b350ee9d86b6&client_secret=eebb17b2-9ce4-4c73-a23f-d23739bf99b4" | Select-Object -Expand Content
The server will respond with a JSON object containing the following properties:
{"access_token":"<access token>","refresh_token":"<refresh token>","token_type":"Bearer","expires_in":1800}
Get access token: Resource Owner Credentials Grant
InfoLink supports the Resource Owner Credentials Grant flow of the OAuth 2.0 specification.
To get an access token, send a POST /api/v1/oauth2/token request with
the following parameters in “application/x-www-form-urlencoded”
format:
- grant_type - must be set to “password”
- client_id
- client_secret
- username
- password
For example:
Invoke-WebRequest -UseBasicParsing http://<host>/api/v1/oauth2/token -ContentType "application/x-www-form-urlencoded" -Method POST -Body "grant_type=password&client_id=9605c5d5-2a1b-49cc-8aaa-b350ee9d86b6&client_secret=eebb17b2-9ce4-4c73-a23f-d23739bf99b4&username=john%40company.com&password=mypassword" | Select-Object -Expand Content
The server will respond with a JSON object containing the following properties:
{"access_token":"<access token>","refresh_token":"<refresh token>","token_type":"Bearer","expires_in":1800}
Use access token
For any grant, use the obtained access token with any API request by
adding it to the HTTP header Authorization: Bearer <access token>. For example:
Invoke-WebRequest -UseBasicParsing http://<host>/api/v1/executeJob -ContentType "application/json" -Method POST -Headers @{ 'Authorization' = 'Bearer b37b1dcc-7fac-4435-a947-fa2e0a2a3ad7' } -Body "{'appId':'170', 'isAsync': false, 'responseFormat': 'text', 'operation':{'opName': 'RunScenario', 'opParams': {'scenario': 'LoadData', 'parameters': {}, 'data': null }}}" | Select-Object -Expand Content
Refresh access token
If the access token is expired, the server will respond with the following JSON object:
{"result":{"code":"invalid_grant","message":"Credentials or token is invalid or expired"},"status":"error"}
You can get a new access token using the refresh token by sending a
POST /api/v1/oauth2/token request with the following parameters in “application/x-www-form-urlencoded” format:
- grant_type - must be set to “refresh_token”
- refresh_token
For example:
Invoke-WebRequest -UseBasicParsing http://<host>/api/v1/oauth2/token -ContentType "application/x-www-form-urlencoded" -Method POST -Body "grant_type=refresh_token&refresh_token=75168ca1-d5ac-4bda-a943-0d3906710d14" | Select-Object -Expand Content
If the refresh token is not expired, the server will respond with a new access token:
{"access_token":"c5b8d97d-768c-4c21-b8d5-995560b8bde7","refresh_token":"1a47224c-9a59-49df-83cf-1d79cf2dc738","token_type":"Bearer","expires_in":1800}
If the refresh token is expired, the server will respond as follows:
{"error_description":"Credentials or token is invalid or expired","error":"invalid_grant"}
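The token lifecycle described above (obtain, use, refresh, fall back to a new grant), as an added example that is not part of the InfoLink documentation. It assumes the host is reachable over HTTPS and that the client credentials are supplied through the hypothetical environment variables INFOLINK_HOST, INFOLINK_CLIENT_ID and INFOLINK_CLIENT_SECRET, so they do not appear on the command line; the function names are also hypothetical.

```powershell
# Added example: token cache for the flows above. Not InfoLink's own code.
# Assumptions: HTTPS is available on the host; the environment variable
# names and function names below are hypothetical.
$BaseUrl = "https://$($env:INFOLINK_HOST)"
$script:Token = $null   # holds access token, refresh token and local expiry time

function Request-Token([hashtable]$Form) {
    # A hashtable body on POST is sent as application/x-www-form-urlencoded.
    $r = Invoke-RestMethod -Uri "$BaseUrl/api/v1/oauth2/token" -Method Post `
        -ContentType 'application/x-www-form-urlencoded' -Body $Form
    # Error objects (invalid_grant) carry no access_token; treat them as failure.
    if (-not $r.access_token) { throw "Token endpoint returned no access_token" }
    # Keep the refresh token from every response: the refresh example above
    # returns a different refresh_token than the one that was sent.
    $script:Token = @{
        Access  = $r.access_token
        Refresh = $r.refresh_token
        Expires = (Get-Date).AddSeconds($r.expires_in - 60)   # 60 s safety margin
    }
}

function Get-AccessToken {
    # 1. Reuse the cached token while it is still valid.
    if ($script:Token -and (Get-Date) -lt $script:Token.Expires) { return $script:Token.Access }
    # 2. Otherwise try the refresh_token grant.
    if ($script:Token -and $script:Token.Refresh) {
        try {
            Request-Token @{ grant_type = 'refresh_token'; refresh_token = $script:Token.Refresh }
            return $script:Token.Access
        } catch {
            $script:Token = $null   # refresh token rejected or expired
        }
    }
    # 3. Fall back to a full Client Credentials Grant.
    Request-Token @{
        grant_type    = 'client_credentials'
        client_id     = $env:INFOLINK_CLIENT_ID
        client_secret = $env:INFOLINK_CLIENT_SECRET
    }
    return $script:Token.Access
}

function Invoke-InfoLinkApi([string]$Path, [string]$JsonBody) {
    $headers = @{ Authorization = "Bearer $(Get-AccessToken)" }
    Invoke-RestMethod -Uri "$BaseUrl$Path" -Method Post -ContentType 'application/json' `
        -Headers $headers -Body $JsonBody
}
# Usage: Invoke-InfoLinkApi '/api/v1/executeJob' $json
```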