Posted by on | Featured | No Comments

This article covers the basic authorization of a Client application which use a backend built using DotKernel API

Authorization Request

Client application users send a POST request to the backend containing the following JSON object:

{
"grant_type": "password",
"client_id": "{API_CLIENT}",
"client_secret": "{API_CLIENT_SECRET}",
"scope": "{SCOPE}",
"username": "{USERNAME/EMAIL}",
"password": "{PASSWORD}"
}

Authorization Response

If the credentials are correct, the API will return a JSON object containing the authentication data:

{
"token_type": "Bearer",
"expires_in": 86400,
"access_token": "...",
"refresh_token": "..."
}

When sending API requests to an endpoint which requires authorization, an Authorization header must be present containing the following data: "Bearer {access_token}", where {access_token} represents the content of the key with the same name found in the above response.

Looking for PHP, Laminas or Mezzio Support?

As part of the Laminas Commercial Vendor Program, Apidemia offers expert technical support and services for:

  • Migration from Laminas MVC to Mezzio or Dotkernel Headless Platform.
  • Migration from legacy Laminas API Tools (formerly Apigility) to Dotkernel API
  • Mezzio and Laminas Consulting and Technical Audit
  • Modernising Legacy Applications
    • Talk to an Expert

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>