...
Obtain the client credentials using the dynamic-client-registration service.
Localtabgroup Localtab active true title cURL Code Block curl -k -H "Content-Type: application/json" -X POST -d '{"owner":"<OWNER>","clientName":"<CLIENT_NAME>","grantType":"<GRANT_TYPE>","tokenScope":"<TOKEN_SCOPE>"}' https://<EMM_HOST>:<EMM_HTTPS_PORT>/dynamic-client-web/register
- Provide the username as the value for
<OWNER>
. Provide the name of the service provider ID as the value for
<CLIENT_NAME>
.Info Expand title Click here for more information to getting the service provider ID Follow the steps given below to get the service provide ID:
- Sign in to the EMM Management Console.
- Navigate to the Main tab.
- Click List under Service Providers to get the list of service providers used in WSO2 EMM. The
emm_admin
service provide ID is used to generate the OAuth 2.0 access token.
Provide the space delimited list of OAuth2 grant-types as the value for
<GRANT_TYPE>
. Out of the six OAuth 2.0 grant types WSO2 EMM uses therefresh_token
,password
andclient_credentials
grant types to generate the access token.- Provide the scope of the issued access-token as the value for
<TOKEN_SCOPE>
. If you are in the production environment, you can provide the scope asPRODUCTION
orprod
and if you are in the testing environment, you can provide the scope assandbox
. - By default,
<EMM_HOST>
islocalhost.
However, if you are using a public IP, the respective IP address or domain needs to be specified. - By default,
<EMM_HTTPS_PORT>
has been set to 9443. However, if the port offset has been incremented byn
, the default port value needs to be incremented byn
.
Example:
Code Block curl -k -H "Content-Type: application/json" -X POST -d '{"owner":"admin","clientName":"admin_emm","grantType":"refresh_token password client_credentials","tokenScope":"prod"}' https://localhost:9443/dynamic-client-web/register
Localtab title Sample output Code Block {"client_secret":"p8g_rFXtbPjl5pGMJe4bNd5fwSEa","callback_url":null,"client_id":"f8fc0aI14DPrQ_DwkpSau1LGdwAa","client_name":"admin_admin_emm"}
- Provide the username as the value for
- Encode the client credentials as follows:
- Access any base64 encoder.
For example: https://www.base64encode.org/ - Enter the OAuth2 Consumer Key and OAuth2 Consumer Secret in the following format in the encoder input section:
<CLIENT_ID>:<CLIENT_SECRET>
For example:
f8fc0aI14DPrQ_DwkpSau1LGdwAa:p8g_rFXtbPjl5pGMJe4bNd5fwSEa
- Click Encode to generate the encoded key.
The following is an example of an encoded key:
cDhnX3JGWHRiUGpsNXBHTUplNGJOZDVmd1NFYTpmOGZjMGFJMTREUHJRX0R3a3BTYXUxTEdkd0Fh
- Access any base64 encoder.
Generate the access token using the following command:
Localtabgroup Localtab active true title cURL Code Block curl -k -d "grant_type=password&username=<USERNAME>&password=<PASSWORD>&scope=<SCOPE>" -H "Authorization: Basic <ENCODED_KEY>" -H "Content-Type: application/x-www-form-urlencoded" https://<EMM_HOST>t:<EMM_HTTPS_PORT>/oauth2/token
- By default,
<EMM_HOST>
islocalhost.
However, if you are using a public IP, the respective IP address or domain needs to be specified. - By default,
<EMM_HTTPS_PORT>
has been set to 9443. However, if the port offset has been incremented byn
, the default port value needs to be incremented byn
.
Code Block curl -k -d "grant_type=password&username=admin&password=admin&scope=default " -H "Authorization: Basic X1ZpREJUMWJUSHF5eXFfR1Y0UWJoc0V6X1IwYTpLdzIxV1JPRmYyeTc4RGViMXY0UGpoRkdydGhq" -H "Content-Type: application/x-www-form-urlencoded" https://localhost:9443/oauth2/token
Localtab title Sample Output Code Block {"scope":"default","token_type":"Bearer","expires_in":3600,"refresh_token":"3918597abb7d24f7ac4dbc9173b63e56","access_token":"c11f5e10c1dccabacec6a5741d2037dd"}
Info The above command generates an access token and a refresh token.
For more information on generating the access token and the refreshing the token at the time a token is renewed, see WSO2 APIM documentation on Token API.- By default,
...