Access Tokens

Overview

This document provides information on generating and renewing access tokens.

You can generate your OAuth2 access token in the API Directory . However, this method is only suggested for when you are testing the features of the API as the access token is only valid for a short period. When you want to embed an API from the API Directory in your application, you want to have your code generate and renew the tokens. To do this, you want to use the token service. This service allows you to pro-grammatically retrieve your access token by supplying your client ID and secret. Follow the steps below.

  1. Save your client ID and client secret from the API Directory when you create your application. These are displayed only once when the application is created.
  2. Combine the client ID and client secret keys in the format: client-ID:client-secret. Encode the combined string using base64. Most programming languages have a method to base64 encode a string. For an example of encoding to base64, visit Base64 Decode and Encode site.
  3. Execute a POST call to the token API to get an access token.

Please follow the below steps to get the proper url for the OAuth Token API.

category menu

  • Click on the API you want to test from the left section.
  • Click on the resource under the API.

category menu

 

  • To the right, you will see some relevant information. Scroll down and check the Try this Operation section.

category menu

  • You will find the OAuth token url and the scope from the above section. Use that information and formulate the Token url like below.

https://apigw.it.umich.edu/um/bf/oauth2/token?grant_type=client_credentials&scope=<< ScopeName>>

Required Headers :

Authorization : Basic << Base64 encoded Clientid:ClientSecret>>

Note: The url and scope for the token url may be different for each API. Remove the << >> in the above urls when using the actual values.

Sample CUrl command for getting OAuth access token:

curl -d "grant_type=client_credentials&scope=vendor" -H "Authorization: Basic ODJiYzZhYjQtNDFiNi00NGY2LTk2ZUOFMxM2Q1MDM4Y2EwOlk2aEE0YkI0Z0M1YkcyeUQ0bUEzckw4dFA4bVcwdgoblueeEU0dUsxZEIxZ1UwdEQy" -X POST https://apigw.it.umich.edu/um/bf/oauth2/token

Below is a sample response to the token API call:

{ "token_type":"bearer", "access_token":"AAEkODJiYzZhYjQtNDFiNi00NGY2LTk2ZWQtNzYxM2Q1MDM4Y2EwkgrsGzCvrv3GUEhs_Hzw05Jvp6xx1Q_D5vfGoxKih9M0ITSYI-tE8DDhrS6y8gm1qGnpchj0lMjGm8poWy6Ug05TtTduxZdIuGrEkgsN8qBt@kiNsK6C7zY662LU5CHS", "expires_in":3600, "scope":"vendor" }

Use the access token above in the Authentication header to call APIs. If you want to generate a brand new Access Token, you can repeat the call in step 3 at any time.

To visit the API Directory, click here.

 

Last Updated: 
Tuesday, May 30, 2017