This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

The client credentials grant is suitable for machine-to-machine authentication or for clients making requests to an API that does not require the user’s permission. Only trusted clients must be allowed to use this grant type.

In this grant type, the client requests an access token using only the client credentials to authenticate a request for an access token.This does not have support for refresh token grant - No

The cURL commands below can be used to try this grant type.

 

app dev can use this grant type to authenticate apps.

curl -v -X POST -H "Authorization: Basic <base64 encoded client id:client secret value>" -k -d "grant_type=client_credentials" -H "Content-Type:application/x-www-form-urlencoded" https://gateway.api.cloud.wso2.com:443/token
 curl -u <client id>:<client secret> -k -d "grant_type=client_credentials" -H "Content-Type:application/x-www-form-urlencoded" https://localhost:9443/oauth2/token

You will receive a response similiar to the format below. 

Response
{"token_type":"Bearer","expires_in":2061,"access_token":"ca19a540f544777860e44e75f605d927"}
  • No labels