Oauth2 Client Credentials

Overview

Oauth2 client credential tokens are mainly used for server-to-server communication and don't have any user context. Currently they are used to make SCIM APIs by IdPs (Identity Providers).

By default the token expires in 30 mins. But some IdPs expect long-living tokens such as Azure IDP. Passing the query param expiresIn (in secs) will allow you to create long-living tokens.

Prerequisites

client_id and client_secret are required to get access token. Please contact platform team for respective credentials for IDP.

CURL Command

curl --location --request POST 'https://api.xxxxxx.com/passportsvc/api/v2/oauth/token' \--header 'Authorization: Basic <base-64 of client_id:client_secret>' \--header 'Content-Type: application/x-www-form-urlencoded' \--data-urlencode 'grant_type=client_credentials' \--data-urlencode 'scope=scim'

Response

{    "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZSI6WyJpZHAtY3JlYXRlIl0sImV4cCI6MTY1MDgwNjE1MSwiYXV0aG9yaXRpZXMiOlsiVFJVU1RFRF9DTElFTlQiXSwianRpIjoiNWM1YzIxYmEtMTJhZC00ZTUxLWJkMGYtOTM5NWI1NTA3ZWFlIiwiY2xpZW50X2lkIjoiRkJKVUVPQ1ZQTURQUk1OVUVLTVVCQkZRSE5HTlhXR1QifQ.ao1PHEtjH0OX3jYinVEiPFtVLExVTNqnyxiiK82GlgJcc4YsFB6TjFUb6yj3VdE0hLVR_EDdTVLQWt7sVNxEoCdZwH15bOVf7CjWyhI9NgED6Oy4iYgQ8g4Xo1gpNeVkxpjJM2p7o9HStbtAeVKpzE7z7p9niUwcTxm_V0E6gUu2-cycHuivOFRIQeszUSlPa3gOvkLjmWO4pAzgSfuYiFLwnB-Z4LQJTRK175i_YSqSGgreJ1jRcrOGYWDkTVHYtVVLQ45BZnZgChACbtKBWu5s2Gc0ANLOnpAWDsrFL4wi5sCKtTX2mjeb0V9NJNZVHiGj_IOCT2ipyUCmrpYiGQ",    "token_type": "Bearer",    "expires_in": 1799,    "scope": "scim"}

Via Postman