Citesphere Documentation

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

Citesphere uses OAuth2 for handling authentication and authorization. You can use any form of OAuth Client to get the token, which needs to be passed to other APIs as a header.

Get Access Token

ENDPOINT URL POST /api/v1/oauth/token

Query Parameters

Name

Type

Description

client_id

string

Required. The client ID you received from Citesphere for your App.

client_secret

string

Required. The client secret you received from Citesphere for your App.

code

string

Required. The code you received as a response after the user gave the permission

redirect_uri

string

The URL of the application you configured in Citesphere

state

string

The unguessable random string you provided during the authorization step

grant_type

string

Use authorization_code for retrieving anaccess_token.

For a list of values, check https://auth0.com/docs/applications/application-grant-types

Response

{
    "access_token": "2c7c0f10-adf5-47d2-a931-caeea29464ed",
    "token_type": "bearer",
    "refresh_token": "0d06219a-1b49-4925-9220-ef3b9810f09d",
    "expires_in": 406,
    "scope": "read"
}

  • expires_in specifies the number of seconds remaining for the access_token to expire.

  • You should use the access_token as the Bearer token header for accessing any resource.

    • Header Name - Authorization

    • Header Value - Bearer 2c7c0f10-adf5-47d2-a931-caeea29464ed

  • You should use the refresh_token in order to get a new access_token once it is expired

  • No labels