The Authorization Code grant type is the most commonly used because it is optimized for server-side applications, where source code is not publicly exposed and Client Secret confidentiality can be maintained.

Code Grant Flow:

Send a GET request to <OAUTH2_SERVER_URL>/auth?params…

The OAuth 2.0 server sends a time-limited code to the registered <callback_url>.


Example C# code:
var client = new RestClient(Config.OAUTH2_SERVER_URL);
var request = new RestRequest("auth", Method.GET);

request.AddQueryParameter("response_type", "code");
request.AddQueryParameter("redirect_uri", Config.CALLBACK_URI);
request.AddQueryParameter("client_id", Config.CLIENT_ID);
request.AddQueryParameter("client_secret", Config.CLIENT_SECRET);
request.AddQueryParameter("uri", "myUri");
request.AddQueryParameter("state", "myState");
request.AddQueryParameter("scope", "write");
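
The authorization request above sends a fixed state value ("myState"). As an added example, not part of the original page: generating an unguessable state per request and checking it when the code arrives at the callback, before any token request is made. It assumes the server echoes state and delivers code as query parameters on the redirect, as RFC 6749 specifies, and .NET Core 2.1 or later; the class and method names and the sample callback URL are hypothetical.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using System.Web;

// Added example: CallbackCheck, NewState and ExtractCode are hypothetical names.
public static class CallbackCheck
{
    // Unguessable per-request value to send as "state" instead of a constant.
    public static string NewState()
    {
        var bytes = new byte[32];
        using (var rng = RandomNumberGenerator.Create())
        {
            rng.GetBytes(bytes);
        }
        // URL-safe base64 so the value survives the redirect unchanged.
        return Convert.ToBase64String(bytes).TrimEnd('=').Replace('+', '-').Replace('/', '_');
    }

    // Returns the authorization code only if the callback echoes our state.
    public static string ExtractCode(Uri callback, string expectedState)
    {
        var query = HttpUtility.ParseQueryString(callback.Query);
        var error = query["error"]; // RFC 6749 error response (assumed supported)
        if (error != null)
            throw new InvalidOperationException("Authorization failed: " + error);

        var state = query["state"] ?? string.Empty;
        // Constant-time comparison; a mismatch means the callback does not
        // belong to a request this session started.
        if (!CryptographicOperations.FixedTimeEquals(
                Encoding.UTF8.GetBytes(state), Encoding.UTF8.GetBytes(expectedState)))
            throw new InvalidOperationException("state mismatch, callback rejected");

        var code = query["code"];
        if (string.IsNullOrEmpty(code))
            throw new InvalidOperationException("callback carries no code");
        return code;
    }

    public static void Main()
    {
        var state = NewState(); // store server-side with the user's session
        // Constructed sample callback; host and code value are made up.
        var callback = new Uri("https://client.example/callback?code=SAMPLE_CODE&state=" + state);
        Console.WriteLine(ExtractCode(callback, state));
    }
}
```

The value returned by NewState() takes the place of "myState" in the request above, and the value returned by ExtractCode() is the <CODE> used in the token request.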

Send a POST request to <OAUTH2_SERVER_URL>/token?params…

When you add the received <CODE>, the server responds with a JSON object containing your access_token.

Example C# code:
var client = new RestClient(Config.OAUTH2_SERVER_URL);
var request = new RestRequest("token", Method.POST);

request.AddHeader("Content-Type", "application/x-www-form-urlencoded");

request.AddQueryParameter("grant_type", "authorization_code");
request.AddQueryParameter("redirect_uri", Config.CALLBACK_URI);
request.AddQueryParameter("client_id", Config.CLIENT_ID);
request.AddQueryParameter("client_secret", Config.CLIENT_SECRET);
request.AddQueryParameter("code", <CODE>);

Example JSON response:

{"access_token": "a49765jhfhgs.....", "refresh_token": "8768ehg3uyu34r....", "expires_in":1516714140406}

 

Step 3: Request Data from GAPI

Send a GET / POST request to <RESOURCE_SERVER_URL>/gapi/v1/path….

Depending on the POST method called, you sometimes need to add the following to the header:
"Content-Type", "application/x-www-form-urlencoded"

Add the received <access_token> to the request header.

You are now authenticated against GAPI with the roles defined in More Service.


Example C# code:
var client = new RestClient(Config.RESOURCE_SERVER_URL);
var request = new RestRequest(Config.RESOURCE_SERVER_PATH, Method.GET);

request.AddHeader("Authorization", "Bearer " + <access_token>);
request.AddHeader("Content-Type", "application/json");

 
