Requests the access token that will be provided each time a call is made to a feature in the API. This request is submitted after authentication and after having requested the authorization code. This procedure follows the OAuth 2.0 authorization standard for access to API features.
URL
{RMUrl}/APIIntegration/token
REQUEST METHOD
POST
FORM CONTENT
code (Required): Authorization code received by the "Request Authenticated Authorization" feature.
client_id (Required): Identifier of the client application. This identifier is generated automatically when the application is registered in the Administration module of Modulo Risk Manager.
client_secret (Required): Secret key for the application. This key is generated automatically when the application is registered in the Administration module of the Modulo Risk Manager.
grant_type (Required): For authenticated authorization requests, this field must contain the following value: "authorization_code".
redirect_uri (Required): URL used to return the requested access token.
REQUEST EXAMPLE
{
"code" : "456c63e8511c42aeb497f0d76adbb8d0",
"client_id" : "37d96bb17f5143169e543cf1579586e3",
"client_secret" : "1b4916ce4491419590972130c4735cad",
"grant_type" : "authorization_code",
"redirect_uri":
"http://client.example.com/client_app"
}
SUCCESS RESPONSE
access_token: Access token provided by Modulo Risk Manager.
token_type: Type of access token provided by Modulo Risk Manager. The only type currently supported is "bearer".
refresh_token: Refresh token provided by Modulo Risk Manager.
expires_in: Expiration time in seconds of the access token provided by Modulo Risk Manager.
scope: Not used by Modulo Risk Manager. Maintained for compatibility with the OAuth 2.0 standard.
SUCCESS RESPONSE EXAMPLE
A JSON object with information on the token that will be used to execute the features the application was authorized to access:
{
"access_token" : "949E24A904D3AD2C83C6F6C62F82C10A3B2E1870",
"token_type" : "bearer",
"expires_in" : "15552000",
"scope" : ""
}