The Resource Owner Password Credentials Grant can be used to exchange a user's email address and a password with an access token. The access token is then used to make requests to the Gini API on behalf of the user.
//authenticating on behalf of a user
curl -v -X POST --data-urlencode
'username=some_user@example.com'
--data-urlencode 'password=supersecret'
-H 'Content-Type: application/x-www-form-urlencoded'
-H 'Accept: application/json'
-u 'client-id:secret' 'https://user.gini.net/oauth/token?grant_type=password'
Request
Key | Description |
|---|---|
| The user's email address. |
| The user's password. |
Note that the client should authenticate itself using basic HTTP access authentication with its ID as a username and its secret as a password.
POST /oauth/token?grant_type=password HTTP/1.1
Authorization: Basic Y2xpZW50LWlkOnNlY3JldA==
Host: user.gini.net
Accept: application/json
Content-Type: application/x-www-form-urlencoded
username=some_user@example.com&password=supersecret
//example response
{
"access_token":"6c470ffa-abf1-41aa-b866-cd3be0ee84f4",
"token_type":"bearer",
"expires_in":3599
}
//The returned access token can now be used to make requests to the Gini Pay API on behalf of the user. To do so, send the access token as a bearer token in the Authorization request header:
GET /documents HTTP/1.1
Host: pay-api.gini.net
Authorization: BEARER 6c470ffa-abf1-41aa-b866-cd3be0ee84f4
Accept: application/vnd.gini.v1+json
Connection: close