API Gateway 10.11 | Administering API Gateway | Security Configuration | OAuth, JWT, and OpenID Configuration | OAuth Authentication Use case and Workflow | Retrieving OAuth Token
 
Retrieving OAuth Token
You must retrieve an OAuth token to access an API that is OAuth protected.
*To retrieve an OAuth token
1. Open your REST client.
2. Make a POST call to the following URL, with the hostname of the system where API Gateway is installed in place of localhost:
http://localhost:5555/invoke/pub.apigateway.oauth2/getAccessToken
For example
http://10.2.120.14:5555/invoke/pub.apigateway.oauth2/getAccessToken
3. Provide the following payload, with the required client id and client secret, in the Request section:
{
"grant_type":"client_credentials",
"client_id":"client id",
"client_secret":"client secret"
}
You can find Client id and Client secret in the Authentication section of the Application details page.
For example
{
"grant_type":"client_credentials",
"client_id":"0abcd80e-f009-4a38-b52e-e663b2e18e5b",
"client_secret":"3bd9c383-813e-40d4-b876-67c4da7c71cc"
}
The access token that can be used to access the required application is displayed in the Response section.
Sample response
{
"access_token": "c9a39e14e6a84be0b228bc9bcb76ad99",
"token_type": "Bearer",
"expires_in": 3600
}