Generate OAuth token
post
/spms/access/token
Generates/refreshes an Oauth token
Uses the password grant (flow) mechanism. That is, it is designed to be used with applications that the system trusts. See: https://oauth.net/2/grant-types/password for the flow. In this call, you provide the username/password this POST supplies the OAUTH JSON token in return which you then supply to all calls in the authorization header field as a bearer token.
Refresh Token mode:
Allows you to get a new token using the refresh token instead of user/password. Use this to get an token when the application has a JWT token and it wants to extend access to the APIS without prompting the user for their user/password
operationId: authentication
Generating Token:Uses the password grant (flow) mechanism. That is, it is designed to be used with applications that the system trusts. See: https://oauth.net/2/grant-types/password for the flow. In this call, you provide the username/password this POST supplies the OAUTH JSON token in return which you then supply to all calls in the authorization header field as a bearer token.
Refresh Token mode:
Allows you to get a new token using the refresh token instead of user/password. Use this to get an token when the application has a JWT token and it wants to extend access to the APIS without prompting the user for their user/password
Request
Supported Media Types
- application/x-www-form-urlencoded
Root Schema : oAuthGrantRequest
Type:
Show Source
object
-
client_id:
string
Pattern:
^[a-zA-Z0-9 ]+?$
Client???s public identifier, indicates which client or application is performing the request. This field is mandatory.Example:clientid
-
grant_type:
string
Pattern:
password|refresh_token
Indicate the request type of OAuth grant. + `password` ??? for login use, require `username`, `password` and `client_id`. + `refresh_token` ??? to extend the current login session, require `client_id` and `refresh_token`.Example:<PASSWORD>
-
password:
string
Pattern:
^[a-zA-Z0-9 _,\\?/\\.\\-\\\\+\\*\n~!@#$%&{}\\[\\]()=<>\\|\\^\\":;@`]*$
Your password. Mandatory for `password` grant type request.Example:<PASSWORD>
-
refresh_token(optional):
string
Pattern:
^[A-Za-z0-9-_.]+$
Refresh token obtained from login authorization. Mandatory for `refresh_token` grant_type.Example:eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsic3Btcy1vYXV0aDItcmVzb3VyY2UiXSwidXNlcl9uYW1lIjoiaGVsbG8iLCJzY29wZSI6WyJBbGwiXSwib3JnYW5pemF0aW9uIjoiaGVsbG9DTmpiIiwiYXRpIjoiNTI1YTkzNzMtZjBhOC00Mzc3LTkzZDctN2Q5ZTAwZTIzMGI1IiwiZXhwIjoxNTY4NzQ4MTI0LCJhdXRob3JpdGllcyI6WyJBRE1JTiJdLCJqdGkiOiI2MTMxYTljNy05YTc3LTRmYmMtYWQyZi01YWNkOTQzM2E4MjQiLCJjbGllbnRfaWQiOiJjbGllbnRpZCJ9.gkCMb1VreAmBDI51wYTfDVyaYQsbfgznNl1tb8hUEEpXsPm0ZlaTFynLr_VUFae6AbF1bHsktSMmpLc9jndIVHAJ3dIoV9vTtngf3XffGcS_HhzlyhHZSFiLb4zFXjFUFJ1WmBMK6FYLr3mBsta4nAI3q7jeF_QEC2rJFIr8z3sHTK0jJyDFXzwcnuNVPhLiuZ42qOatcxB4oA5n07JhJOCbA9dIyl4yVZkxvZR484lUOI32_i2EE0yx05xgwDIwNJMbdxo5WF99J6IWSJO17jLb3K9JzlBEcBqL7Sq4XoNBKJ7u2buDaWpxlgPh84gohT_8dqCKt8r7sKWwQDgyvg
-
username:
string
Pattern:
^[A-Za-z0-9-_.]{2,20}$
Your user name. Mandatory for `password` grant type request.Example:<UserName>
Response
Supported Media Types
- application/json
200 Response
Successful - Username/password correct and token returned.
Root Schema : schema
Type:
Show Source
object
-
access_token:
string
Pattern:
^[A-Za-z0-9-_.]+$
An authorization token for clients to send in API requests.Example:eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsic3Btcy1vYXV0aDItcmVzb3VyY2UiXSwidXNlcl9uYW1lIjoiaGVsbG8iLCJzY29wZSI6WyJBbGwiXSwib3JnYW5pemF0aW9uIjoiaGVsbG9DTmpiIiwiZXhwIjoxNTY4NzMwMTI0LCJhdXRob3JpdGllcyI6WyJBRE1JTiJdLCJqdGkiOiI1MjVhOTM3My1mMGE4LTQzNzctOTNkNy03ZDllMDBlMjMwYjUiLCJjbGllbnRfaWQiOiJjbGllbnRpZCJ9.T97KAuIlw0hEwG6t8s7SlZo8A9C0wVH5m9RzUAQacWwE4EV_wAPdrYnjHTbTdhnyHhVE4amxm8za3VSBG9IakG2ij5nqcg4Nq-MkRbDsyh-e7AMOSu9ZCnw6JfwVconRqJwDVgiR0IA83ZqgiC5h31vuXY7PUmpdxQ-6Lc1wynA_lWoGthevhTCVJWXIprum68CdvH6D-DAUK4p1fzPL20Q-cR0pQmkEiE-RMmEtglCqknsIPsVzB_Yz7B7n5ECuHtcuFME4VZSZcydXN1x0vZsqPINH4QBW0-PNDO9Zk1iWEGiRml_Ccc914b4yAVlhyCG77X5lmB1DUTNjla88Kw
-
expires_in:
number
Minimum Value:
0
The remaining time in seconds before the token expires.Example:3599
-
jti:
string
Pattern:
^[A-Za-z0-9-_.]+$
Unique Id for the token. Not used in SPMS but returned from completeness.Example:525a9373-f0a8-4377-93d7-7d9e00e230b5
-
organization:
string
Pattern:
^[A-Za-z0-9-_.]+$
Organization of the user.Example:COMPANY
-
refresh_token:
string
Pattern:
^[A-Za-z0-9-_=]+\.[A-Za-z0-9-_=]+\.?[A-Za-z0-9-_.+/=]*$
A token to be used to retrieve a new access token.Example:eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsic3Btcy1vYXV0aDItcmVzb3VyY2UiXSwidXNlcl9uYW1lIjoiaGVsbG8iLCJzY29wZSI6WyJBbGwiXSwib3JnYW5pemF0aW9uIjoiaGVsbG9DTmpiIiwiYXRpIjoiNTI1YTkzNzMtZjBhOC00Mzc3LTkzZDctN2Q5ZTAwZTIzMGI1IiwiZXhwIjoxNTY4NzQ4MTI0LCJhdXRob3JpdGllcyI6WyJBRE1JTiJdLCJqdGkiOiI2MTMxYTljNy05YTc3LTRmYmMtYWQyZi01YWNkOTQzM2E4MjQiLCJjbGllbnRfaWQiOiJjbGllbnRpZCJ9.gkCMb1VreAmBDI51wYTfDVyaYQsbfgznNl1tb8hUEEpXsPm0ZlaTFynLr_VUFae6AbF1bHsktSMmpLc9jndIVHAJ3dIoV9vTtngf3XffGcS_HhzlyhHZSFiLb4zFXjFUFJ1WmBMK6FYLr3mBsta4nAI3q7jeF_QEC2rJFIr8z3sHTK0jJyDFXzwcnuNVPhLiuZ42qOatcxB4oA5n07JhJOCbA9dIyl4yVZkxvZR484lUOI32_i2EE0yx05xgwDIwNJMbdxo5WF99J6IWSJO17jLb3K9JzlBEcBqL7Sq4XoNBKJ7u2buDaWpxlgPh84gohT_8dqCKt8r7sKWwQDgyvg
-
scope:
string
Scope of use of this token.
-
token_type:
string
Pattern:
bearer
The type of token returned. Currently always return `bearer`.Example:bearer
Example Response (application/json)
{
"access_token":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsic3Btcy1vYXV0aDItcmVzb3VyY2UiXSwidXNlcl9uYW1lIjoiaGVsbG8iLCJzY29wZSI6WyJBbGwiXSwib3JnYW5pemF0aW9uIjoiaGVsbG9DTmpiIiwiZXhwIjoxNTY4NzMwMTI0LCJhdXRob3JpdGllcyI6WyJBRE1JTiJdLCJqdGkiOiI1MjVhOTM3My1mMGE4LTQzNzctOTNkNy03ZDllMDBlMjMwYjUiLCJjbGllbnRfaWQiOiJjbGllbnRpZCJ9.T97KAuIlw0hEwG6t8s7SlZo8A9C0wVH5m9RzUAQacWwE4EV_wAPdrYnjHTbTdhnyHhVE4amxm8za3VSBG9IakG2ij5nqcg4Nq-MkRbDsyh-e7AMOSu9ZCnw6JfwVconRqJwDVgiR0IA83ZqgiC5h31vuXY7PUmpdxQ-6Lc1wynA_lWoGthevhTCVJWXIprum68CdvH6D-DAUK4p1fzPL20Q-cR0pQmkEiE-RMmEtglCqknsIPsVzB_Yz7B7n5ECuHtcuFME4VZSZcydXN1x0vZsqPINH4QBW0-PNDO9Zk1iWEGiRml_Ccc914b4yAVlhyCG77X5lmB1DUTNjla88Kw",
"token_type":"bearer",
"refresh_token":"eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOlsic3Btcy1vYXV0aDItcmVzb3VyY2UiXSwidXNlcl9uYW1lIjoiaGVsbG8iLCJzY29wZSI6WyJBbGwiXSwib3JnYW5pemF0aW9uIjoiaGVsbG9DTmpiIiwiYXRpIjoiNTI1YTkzNzMtZjBhOC00Mzc3LTkzZDctN2Q5ZTAwZTIzMGI1IiwiZXhwIjoxNTY4NzQ4MTI0LCJhdXRob3JpdGllcyI6WyJBRE1JTiJdLCJqdGkiOiI2MTMxYTljNy05YTc3LTRmYmMtYWQyZi01YWNkOTQzM2E4MjQiLCJjbGllbnRfaWQiOiJjbGllbnRpZCJ9.gkCMb1VreAmBDI51wYTfDVyaYQsbfgznNl1tb8hUEEpXsPm0ZlaTFynLr_VUFae6AbF1bHsktSMmpLc9jndIVHAJ3dIoV9vTtngf3XffGcS_HhzlyhHZSFiLb4zFXjFUFJ1WmBMK6FYLr3mBsta4nAI3q7jeF_QEC2rJFIr8z3sHTK0jJyDFXzwcnuNVPhLiuZ42qOatcxB4oA5n07JhJOCbA9dIyl4yVZkxvZR484lUOI32_i2EE0yx05xgwDIwNJMbdxo5WF99J6IWSJO17jLb3K9JzlBEcBqL7Sq4XoNBKJ7u2buDaWpxlgPh84gohT_8dqCKt8r7sKWwQDgyvg",
"expires_in":3599,
"scope":"All",
"organization":"COMPANY",
"jti":"525a9373-f0a8-4377-93d7-7d9e00e230b5"
}
400 Response
Bad Request
Root Schema : schema
Type:
Show Source
object
-
error(optional):
string
Pattern:
^[A-Za-z0-9-_.]+$
Code representing the reason why the attempt to authenticate the user failed.Example:invalid_grant
-
error_description(optional):
string
Pattern:
^[A-Za-z0-9-_.]+$
Short human readable description of why the attempt to authenticate failed.Example:Bad credentials
Example Response (application/json)
{
"error":"invalid_grant",
"error_description":"Bad credentials"
}
401 Response
Unauthorized
Root Schema : schema
Match All
Show Source
-
object
Error Response
Title:
Error Response
Error Response returned when encountered error
Example:
{
"type":"HTTP://www.w3.org/Protocols/rfc2616/rfc2616-sec10.html#sec10.4.2",
"title":"Unauthorized",
"detail":"Valid token is required to access this resource"
}
Nested Schema : Error Response
Type:
object
Title:
Error Response
Error Response returned when encountered error
Show Source
403 Response
Forbidden
Example Response (application/json)
{
"error":"access_denied",
"error_description":"The user has been locked out for 30 mins"
}
500 Response
Internal Server Error
Root Schema : schema
Type:
Show Source
object
-
error(optional):
string
Pattern:
^[A-Za-z0-9-_.]+$
Code representing the reason why the attempt to authenticate the user failed.Example:server_error
-
error_description(optional):
string
Pattern:
^[A-Za-z0-9-_.]+$
Short human readable description of why the attempt to authenticate failed.Example:Internal Server Error
Example Response (application/json)
{
"error":"server_error",
"error_description":"Internal Server Error"
}