Client CredentialsΒΆ
In this grant type, there is no user interaction. The development partner requests a token for their client credentials directly.
Access Token Request:
curl -i --user pekfaf6jxk6suyXXXXXXXXXX:XXXXXXXXXX -d "grant_type=client_credentials" "https://api.carvoyant.com/oauth/token"
The response will include a json body with the access token information.
Access Token Response:
HTTP/1.1 200 OK
Cache-Control: no-store
Content-Type: application/json;charset=UTF-8
Date: Mon, 28 Apr 2014 14:57:20 GMT
Server: Mashery Proxy
X-Mashery-Responder: prod-j-worker-us-east-1d-32.mashery.com
Content-Length: 161
Connection: keep-alive
{
"token_type":"bearer",
"mapi":"pekfaf6jxk6suyXXXXXXXXXX",
"access_token":"n45u7eufgdmfysXXXXXXXXXX",
"expires_in":86400,
"refresh_token":"r9acw76k327g3cXXXXXXXXXX"
}
At this point, the development partners system would store the access token and refresh token and use them for future requests.