The Resource Owner Password Credentials Grant can be used to exchange a user's email address and password for an access token. The access token can then be used to make requests to the Gini API on behalf of the user.
```bash
# Authenticating on behalf of a user
curl -v -X POST \
  --data-urlencode 'username=some_user@example.com' \
  --data-urlencode 'password=supersecret' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -H 'Accept: application/json' \
  -u 'client-id:secret' \
  'https://user.gini.net/oauth/token?grant_type=password'
```
Request
Key | Description |
---|---|
`username` | The user's email address. |
`password` | The user's password. |
Note that the client must authenticate itself using basic HTTP access authentication with its ID as the username and its secret as the password.
```http
POST /oauth/token?grant_type=password HTTP/1.1
Authorization: Basic Y2xpZW50LWlkOnNlY3JldA==
Host: user.gini.net
Accept: application/json
Content-Type: application/x-www-form-urlencoded

username=some_user@example.com&password=supersecret
```

Example response:

```json
{
  "access_token": "6c470ffa-abf1-41aa-b866-cd3be0ee84f4",
  "token_type": "bearer",
  "expires_in": 3599
}
```

The returned access token can now be used to make requests to the Gini Pay API on behalf of the user. To do so, send the access token as a bearer token in the Authorization request header:

```http
GET /documents HTTP/1.1
Host: pay-api.gini.net
Authorization: BEARER 6c470ffa-abf1-41aa-b866-cd3be0ee84f4
Accept: application/vnd.gini.v1+json
Connection: close
```
If your client is configured, you will also receive a refresh token in the token API response. With the received refresh token, you can get a new access token by calling the token endpoint with the `refresh_token` grant type.
```bash
# Getting an access token by providing a refresh token
curl -v -X POST \
  --data-urlencode 'grant_type=refresh_token' \
  --data-urlencode 'refresh_token=<refresh_token_received_from_token_api>' \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -H 'Accept: application/json' \
  -u "client-id:client-secret" \
  'https://user.gini.net/oauth/token'
```
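The password-grant and refresh-token requests above, built in Python together with expiry tracking for the token response. This is an added example, not Gini's own client code. The names `token_request`, `password_request`, `refresh_request`, `Token` and the 30-second `skew` are assumptions, as is the `refresh_token` response field name (taken from RFC 6749, not from this page).

```python
import base64
import json
import time
import urllib.parse
import urllib.request

TOKEN_URL = "https://user.gini.net/oauth/token"  # token endpoint shown on this page


def token_request(client_id, client_secret, form, query=""):
    """Build (without sending) a token-endpoint POST authenticated with HTTP Basic."""
    basic = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    return urllib.request.Request(
        TOKEN_URL + query,
        # urlencode percent-encodes '&' and '=' so a password cannot add parameters
        data=urllib.parse.urlencode(form).encode(),
        method="POST",
        headers={
            "Authorization": "Basic " + basic,
            "Content-Type": "application/x-www-form-urlencoded",
            "Accept": "application/json",
        },
    )


def password_request(client_id, client_secret, email, password):
    # Credentials travel in the body; only grant_type is in the URL, as on the page.
    form = {"username": email, "password": password}
    return token_request(client_id, client_secret, form, "?grant_type=password")


def refresh_request(client_id, client_secret, refresh_token):
    form = {"grant_type": "refresh_token", "refresh_token": refresh_token}
    return token_request(client_id, client_secret, form)


class Token:
    """Parsed token response with an absolute expiry time."""
    def __init__(self, response_json, now=None, skew=30):
        data = json.loads(response_json)
        if data.get("token_type", "").lower() != "bearer":
            raise ValueError("unexpected token_type")
        self.access_token = data["access_token"]
        self.refresh_token = data.get("refresh_token")  # absent unless client is configured
        # skew (assumed 30 s): refresh slightly early so an expired token is never sent
        self.expires_at = (time.time() if now is None else now) + data["expires_in"] - skew

    def needs_refresh(self, now=None):
        return (time.time() if now is None else now) >= self.expires_at
```

Pass the returned request to `urllib.request.urlopen` to send it, and feed the response body to `Token`.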