This site contains the documentation that is relevant to older WSO2 product versions and offerings.
For the latest WSO2 documentation, visit https://wso2.com/documentation/.

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

Flow

The client can request an access token using only its client credentials with this grant type. This grant type is similar to resource owner password credentials grant type except only the client’s credentials are used to authenticate a request for an access token.

Recommended Use

This grant is suitable for machine-to-machine authentication or for a client making requests to an API that don’t require user’s permission. Again this grant should only be allowed to be used by trusted clients.

Support for refresh token grant - No

You can try Client credentials grant type with WSO2 Identity Server and WSO2 OAuth2 Playground sample as described here.

Bellow curl commands can be used to try this grant type.

curl -v -X POST -H "Authorization: Basic <base64 encoded client id:client secret value>" -k -d "grant_type=client_credentials" -H "Content-Type:application/x-www-form-urlencoded" https://localhost:9443/oauth2/token
 curl -u <client id>:<client secret> -k -d "grant_type=client_credentials" -H "Content-Type:application/x-www-form-urlencoded" https://localhost:9443/oauth2/token

You will receive a response in the bellow format.

{"token_type":"Bearer","expires_in":2061,"access_token":"ca19a540f544777860e44e75f605d927"}
  • No labels