Client credentials can be used when the authorization scope is limited to the protected resources belonging to the client. Client credentials are used as an authorization grant when the client requests access to protected resources based on an authorization previously arranged with the authorization server. The client application requests an access token from the authorization server, authenticating the request with its client key and client secret. If the client is successfully authenticated, an access token is returned.
Invoking the Token API to generate the tokens
- Get a valid consumer key and consumer secret pair. Initially, you generate these keys through the API Store by clicking the Generate Keys button on the Production Keys tab of the application.
- Combine the consumer key and consumer secret keys in the format
consumer-key:consumer-secretand encode the combined string using base64 ( http://base64encode.org ). Use the following sample cuRL command to obtain the access token.
curl -k -d "grant_type=client_credentials" -H "Authorization: Basic <Base64 encoded client_key:client_secret>, Content-Type: application/x-www-form-urlencoded" https://localhost:port/token
You receive a response similar to the following.
{"token_type":"Bearer","expires_in":2061,"access_token":"ca19a540f544777860e44e75f605d927"}