Generate Token
POST/token-srv/token
This API call is used to generate access token based on the grant type passed. The Flows are described here.
The token endpoint of the cidaas server accepts the following grant types:
Device code : this grant is used when performing authentication on a different device, which is more user-friendly to perform an authentication.
Authorization code : the code obtained from the authorization endpoint which the server uses to look up the granted permission or consent.
Resource owner password credentials : the client obtains the end-user username and password and passes them to the token endpoint; use of this grant should be limited to highly trusted clients or devices.
Client credentials: the client ID and secret obtained from client registration; this grant is intended for clients acting on their own behalf.
Refresh token: a special token which can be used to retrieve a new ID / refresh token.
Token Exchange: retrieve a token with extended scopes by providing a users token in a secured backend
Request
Responses
- 200
- 400
SUCCESS
A successful HTTP response to an access-token request contains a JSON object with the access token and additional data.
BAD REQUEST