-
Notifications
You must be signed in to change notification settings - Fork 10
Authentication
Emmanuel Bernier edited this page Aug 1, 2018
·
7 revisions
To authenticate, call the /oauth/token passing clientid, username, password. This will return an accessToken valid for 1h. You may then use this accessToken in your API calls.
- production endpoint = https://app.bic-boxtech.org/oauth/token
- sandbox endpoint = https://test-bic-container.herokuapp.com/oauth/token
Content-Type = application/x-www-form-urlencoded
Authorization = Basic <clientid>
Note : there is a blank space between "Basic" and the clientid
You will use the following value for clientid in your tests and in your app :
- for production and sandbox, clientid is YmljYXBwOmJpY3NlY3JldGFwcA==
grant_type = password
username = <your_username>
password = <your_password>
Parse the "accessToken" in the JSON response :
{
"accessToken": "3050740d58f5671071292657decf2f6656074a11",
"accessTokenExpiresAt": "2016-07-13T10:17:42.231Z",
"refreshToken": "f8c736c347715e63cd8f49f1e0c67ef9e94ec604",
"refreshTokenExpiresAt": "2016-07-27T09:17:42.231Z",
"client": {
"id": "1",
"client_id": "bicapp",
"client_secret": "bicsecretapp",
"grants": [
"password"
],
"redirectUris": [
null
]
},
"user": {
"id": "2",
"username": "johndoe@yourcompany.com",
"valid_email": true
},
"access_token": "3050740d58f5671071292657decf2f6656074a11"
}