The Authorization Code Grant type is the most commonly used because it is optimized for server-side applications, where the source code is not publicly exposed and the confidentiality of the client secret can be maintained.
Code Grant Flow:
Step 1: Authorization Code Link
Send a GET request to <OAUTH2_SERVER_URL>/auth?params…
The OAuth2 server sends a time-limited code to the registered <callback_url>.
Example C# code:
// Step 1: build the authorization request; the user's browser is redirected to this URL.
var client = new RestClient(Config.OAUTH2_SERVER_URL);
var request = new RestRequest("auth", Method.GET);
request.AddQueryParameter("response_type", "code");
request.AddQueryParameter("redirect_uri", Config.CALLBACK_URI);
request.AddQueryParameter("client_id", Config.CLIENT_ID);
// Note: in standard OAuth2 (RFC 6749) the client secret is sent only in the token request (step 2),
// because this URL passes through the user's browser and ends up in history and logs.
request.AddQueryParameter("client_secret", Config.CLIENT_SECRET);
request.AddQueryParameter("uri", "myUri");
// state protects the callback against CSRF: use a random per-request value and verify it on the callback.
request.AddQueryParameter("state", "myState");
request.AddQueryParameter("scope", "write");
Step 2: Token Link
Send a POST request to <OAUTH2_SERVER_URL>/token?params…
When you include the received <CODE>, the server responds with a JSON object containing your access_token.
Example C# code:
// Step 2: exchange the code received at <callback_url> for an access token.
var client = new RestClient(Config.OAUTH2_SERVER_URL);
var request = new RestRequest("token", Method.POST);
request.AddHeader("Content-Type", "application/x-www-form-urlencoded");
// This server accepts the parameters in the query string. The Content-Type header above only
// describes a form body; RFC 6749 servers expect these values in the body (request.AddParameter(...)).
request.AddQueryParameter("grant_type", "authorization_code");
request.AddQueryParameter("redirect_uri", Config.CALLBACK_URI);
request.AddQueryParameter("client_id", Config.CLIENT_ID);
request.AddQueryParameter("client_secret", Config.CLIENT_SECRET);
request.AddQueryParameter("code", code); // the <CODE> received at <callback_url>
Example JSON response:
{"access_token": "a49765jhfhgs.....", "refresh_token": "8768ehg3uyu34r....", "expires_in":1516714140406}
Step 3: Request Data from GAPI
Send a GET or POST request to <RESOURCE_SERVER_URL>/gapi/v1/path….
Depending on the POST method called, you sometimes need to add the header:
"Content-Type", "application/x-www-form-urlencoded"
Add the received <access_token> to the request header as a Bearer token.
You are now authenticated against GAPI with roles defined in TMS.
Example C# code:
// Step 3: call the resource server with the access token from step 2.
var client = new RestClient(Config.RESOURCE_SERVER_URL);
var request = new RestRequest(Config.RESOURCE_SERVER_PATH, Method.GET);
request.AddHeader("Authorization", "Bearer " + accessToken); // the <access_token> from the token response
request.AddHeader("Content-Type", "application/json");
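The three steps above as one added example in Python (not code from the page, whose examples are C#). The URLs and credentials are constructed placeholders, no request is actually sent (each function returns the request it would make), and it generates a random state and verifies it on the callback, which the fixed "myState" value above does not.

```python
# Added example: minimal OAuth2 authorization-code client for the three steps above.
# URLs and credentials are constructed placeholders; nothing is sent over the network.
import secrets
import hmac
from urllib.parse import urlencode, urlsplit, parse_qs

OAUTH2_SERVER_URL = "https://oauth2.example.invalid"      # constructed placeholder
RESOURCE_SERVER_URL = "https://api.example.invalid"       # constructed placeholder
CALLBACK_URI = "https://myapp.example.invalid/callback"   # constructed placeholder
CLIENT_ID = "my-client-id"                                # constructed placeholder
CLIENT_SECRET = "my-client-secret"                        # constructed placeholder

def build_authorization_url(scope="write"):
    """Step 1: build the /auth link. state is a fresh random value the callback must
    echo back. The client secret is deliberately NOT included: this URL travels
    through the user's browser."""
    state = secrets.token_urlsafe(16)
    params = {"response_type": "code", "client_id": CLIENT_ID,
              "redirect_uri": CALLBACK_URI, "scope": scope, "state": state}
    return f"{OAUTH2_SERVER_URL}/auth?{urlencode(params)}", state

def extract_code(callback_url, expected_state):
    """Parse the redirect to the callback URL; reject it unless the state matches
    the one we generated (constant-time compare), then return the code."""
    qs = parse_qs(urlsplit(callback_url).query)
    state = qs.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback was not started by this client")
    if "code" not in qs:
        raise ValueError("callback carried no code")
    return qs["code"][0]

def build_token_request(code):
    """Step 2: POST /token. Code and credentials go in the form-urlencoded body,
    matching the Content-Type header, not in the query string where they get logged."""
    body = {"grant_type": "authorization_code", "code": code,
            "redirect_uri": CALLBACK_URI, "client_id": CLIENT_ID,
            "client_secret": CLIENT_SECRET}
    return {"method": "POST", "url": f"{OAUTH2_SERVER_URL}/token",
            "headers": {"Content-Type": "application/x-www-form-urlencoded"},
            "body": urlencode(body)}

def build_resource_request(access_token, path="gapi/v1/path"):
    """Step 3: call the resource server with the access token as a Bearer header."""
    return {"method": "GET", "url": f"{RESOURCE_SERVER_URL}/{path}",
            "headers": {"Authorization": f"Bearer {access_token}",
                        "Content-Type": "application/json"}}
```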