createAccessToken
Description
Creates access token for the flow indicated by response and grant type. Individual parameters are validated based on the indicated flow.
Syntax
oauth2.createAccessToken (service_key, client, token_data, uri, user_context)
Parameters
| Parameter | Type | Description |
| service_key | string | The id of the OAuth 2.0 protected service definition |
| client | client object | A client object containing at least the client_id |
| token_data | token_data object | A token data object with parameters passed by oauth client populated. |
| uri | uri object | URI data used to redirect to after issuing authorization code. If redirect URI validation is mandated by the API administrator, this will be validated against the pre-registered redirect URI. The uri must be escaped in order be be accepted. See sample value in code below. |
| user_context | string | Optional provider-defined user context identifier (typically only available when request_type is "token" or grant_type is "password") |
Return Value
{
"return_type": <type of response required: string; one of "json" or "redirect">,
"access_token": <access token: string>,
"token_type": <token type: string; one of "bearer", "mac", or a supported extension>,
"expires_in": <token expiration: int; optional token expiration in seconds>,
"refresh_token": <refresh token: string, null; optional>,
"scope": <any scope for token: string, null; optional>,
"state": <any state to pass in response: string, null; optional>,
"uri": <for "redirect" return_type, object contains fully populated redirect uri and related
information: uri, null; optional>,
"extended": <any extended token information such as mac data required in response; object, null;
optional>
}
Errors (in addition to standard JSON-RPC errors)
|
JSON-RPC Code |
Error Message |
Description |
|
-2001 |
An OAuth related error has occurred |
An error has occurred pertaining to the OAuth operation. Please check the corresponding structure in the error object for specific details. |
Sample Requests and Responses
Sample Request (Ordered Parameters)
{
"method":"oauth2.createAccessToken",
"params":[
"rmeqcgpw3zu2y47y9bs8vs2h",
{
"client_id":"tkr7f25gd6452zy8rjsf7bwd",
"client_secret":"q13rupuifd"
},
{
"grant_type":"authorization_code",
"scope":"myscope",
"code":"SlAV32hkKG",
"response_type":null,
"refresh_token":""
},
{
"redirect_uri":"https:\/\/client.example.com\/cb"
},
"user12345"
],
"id":1
}
Sample Request (Named Parameters)
{
"jsonrpc":"2.0",
"method":"oauth2.createAccessToken",
"params":{
"service_key":"rmeqcgpw3zu2y47y9bs8vs2h",
"client":{
"client_id":"tkr7f25gd6452zy8rjsf7bwd",
"client_secret":"q13rupuifd"
},
"token_data":{
"grant_type":"authorization_code",
"scope":"myscope",
"code":"SlAV32hkKG",
"response_type":null,
"refresh_token":""
},
"uri":{
"redirect_uri":"https:\/\/client.example.com\/cb"
},
"user_context":"user12345"
},
"id":1
}
Sample Response
{
"result":{
"return_type":"json",
"access_token":"SlAV32hkKG",
"token_type":"mac",
"expires_in":3600,
"refresh_token":"8xLOxBtZp8",
"scope":"myscope",
"state":null,
"uri":null,
"extended":{
"secret":"adijq39jdlaska9asud",
"algorithm":"hmac-sha-256"
}
},
"error":null,
"id":1
} Docs Navigation
- API Documentation Portal
- IO Docs Definition
- Mashery API Documentation
- Mashery 3.0 API Guide
- Mashery 2.0 API Guide
- OAuth Supporting Methods
- Examples
- JSON RPC
- Authentication
- API Objects
- Fetching Objects
- Query Language
- Creating Objects
- Updating Objects
- Validating Fields
- Deleting Objects
- Applications
- General Object Methods
- Members
- Packages
- Plans
- Package Keys
- Keys
- Developer Classes
- Services
- Roles
- Mashery 2.0 Reporting API Guide
- Event Trigger API
- Differences between Roles and Portal Access Groups
- Managing a Portal Access Group Using Mashery V2 or V3 API
- Mashery Reporting Event Post API Guide
- Tips and Tricks
- Your Portal
- API Traffic Manager
- I/O Docs WSDL requirements