OAuth 2.0 Bearer Tokens (Access Tokens) are used to authenticate API v2 requests.
How to obtain an Access Token
The Client Credentials Flow may be used to obtain an access token.
The following response is an example of the end result of the flow:
{ "access_token": "6iqofj5zHR5bfZFlpqJxuLP5bA1uWKnOAt9kaaAwTf8", "token_type": "Bearer", "expires_in": 10800, "refresh_token": "1uX26iFkuilkx6KoACjt3yrtcDshTSt2MxJy8EVS3AM", "scope": "public", "created_at": 1604986678 }
Client Credentials Flow
This flow uses an authorized Application in CGR Foundation to obtain an access token.
Create an Application in admin to obtain client_id and client_secret.
Perform the following request to obtain an access_token
POST https://example.cgrfoundation-staging.com/oauth/token BODY grant_type: client_credentials client_id: <client_id> client_secret: <client_secret> scope: public
Example cURL request:
curl --request POST \ --url https://example.cgrfoundation-staging.com/oauth/token \ --data grant_type=client_credentials \ --data client_id=<client_id> \ --data client_secret=<client_secret> \ --data scope=public
How to use an Access Token
You may perform the following request to verify the access_token is working:
GET https://example.cgrfoundation-staging.com/api/v2/users/current.json HEADER authorization: bearer <access_token>
Example cURL request:
curl --request GET \ --url https://example.cgrfoundation-staging.com/api/v2/users/current.json \ --header 'authorization: bearer <access_token>'
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article