The RESTful API exposes the OAuth function described in this section.
The OAuth Authentication endpoint is used to authenticate end-users and generate an access token, which will be used to authenticate requests on behalf of the end-user. For this endpoint, you will need your OAuth Client ID and OAuth Client Secret, which you can view by signing in to the Afero Profile Editor, then going to the operating system menu bar and opening the View > Account Info screen.
Resource URL |
HTTP Method |
Request Headers | Request Payload |
---|---|---|---|
oauth/token | POST |
{ "Content-Type": "application/x-www-form-urlencoded", "Accept": "application/json", "Authorization": "Basic ABC9g1Zso4P6wKLebTFcNb==" } |
{ "username": "username@example.io", "password": "user_password", "grant_type": "password" } |
{ "access_token": "12345678-90AB-CDEF-0123-FED789CBA432", "token_type": "bearer", "expires_in": 16086, "scope": "partner account" }
The Authorization header value should be the string Basic
, followed by a space, followed by the Base64-encoded representation of your OAuth Client ID, a colon, and then your OAuth Client Secret.
For example, if your ClientID were “Mork” and your Client Secret were “Mindy”, you would perform a Base64-encoding of Mork:Mindy
to create the string TW9yazpNaW5keQ==
.
The entire Authorization header value would be Basic TW9yazpNaW5keQ==
.
username
and password
are the username (email address) and password you chose when you activated your Afero account.expires_in
, is measured in seconds.