Ways for Clients to Provide the Inputs
There are three ways in which a client can provide the inputs for this service:
Provide inputs in the Basic authentication header (recommended).
The client can provide the client credentials (client_id and client_secret) in the Authorization header using the following form:
Authorization: Basic <base-64-encoded client_id:password, client_secret>
If you want to pass the scope, pass it in the request body.
Provide JSON inputs for the service.
The client can send a JSON request to the service in the following form:
{
"client_id" : "",
"client_secret": "",
"scope" : ""
}
Note: | The client should contain the header Content-type:application/json in the request. |
Provide inputs in the request body
The OAuth2 specifications do not support sending the client credentials over the URL as URL-Encoded. However, you can send the client credentials in the request body using the following form:
client_id=<client_id>&client_secret=<client_secret>&scope=<scope>
Note: | The client should contain the header Content-type:application/x-www-formurlencoded in the request. If a client provides the client_id and client_secret in both the Authorization header and the request body, the credentials given in the Authorization header are used. |