Posted by on | Featured | No Comments

This article covers the basic authorization of a Client application which use a backend built using DotKernel API

Authorization Request

Client application users send a POST request to the backend containing the following JSON object:

{
"grant_type": "password",
"client_id": "{API_CLIENT}",
"client_secret": "{API_CLIENT_SECRET}",
"scope": "{SCOPE}",
"username": "{USERNAME/EMAIL}",
"password": "{PASSWORD}"
}

Authorization Response

If the credentials are correct, the API will return a JSON object containing the authentication data:

{
"token_type": "Bearer",
"expires_in": 86400,
"access_token": "...",
"refresh_token": "..."
}

When sending API requests to an endpoint which requires authorization, an Authorization header must be present containing the following data: "Bearer {access_token}", where {access_token} represents the content of the key with the same name found in the above response.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>