Skip to main content

Authorizations

tip

Need some changes ? More endpoints ? Please open a github issue or contact us at love@misakey.com.

note

Values used in the examples are fake and do not correspond to any real values.

Client Credentials Flow#

The endpoint follows the OAuth2.0 protocol for Access Token Request and Access Token Response.

Request#

Endpoint:

POST https://auth.misakey.com/_/oauth2/token
Content-type: application/x-www-form-urlencoded

Request Body:

grant_type=client_credentials&scope=&client_id=14737581-2073-4413-8bcc-e7c6f614324d&client_secret=4m7xvY1EK3G5pEv+m5nMmGyrkWxyiWu/M78fFtD2Xl0=

with

  • grant_type: (string) client_credentials must be set as it is the flow requested. Others would lead to a failure error.
  • scope: (string) should be empty. We don't handle special scope for organization as off today.
  • client_id: (string) (uuid) the unique id of your organization.
  • client_secret: (string) the secret of your organization.
Response#

Response Headers:

Content-Type: application/json;charset=UTF-8
Cache-Control: no-store
Pragma: no-cache

Response Body:

{
"access_token":"2YotnFZFEjr1zCsicMWpAA",
"token_type":"bearer",
"expires_in":3600,
"scope": ""
}

with:

  • access_token: (string) the bearer token owning your organization authorizations.
  • token_type: (string) the type of token delivered (always set to bearer).
  • expires_in: (integer) the number of seconds before the token will expire. A new token must be generated at this moment. Ideally you should renew it just before the last delivered is expired.
  • scope: (string) scopes contained in the token. An empty string today.