- What's New
- Service Overview
- Getting Started
- User Guide
-
API Reference
- Before You Start
- API Overview
- Calling APIs
-
API
- Instance Management
- Access Control Attribute Management
-
Permission Set Management
- Adding a System-defined Identity Policy
- Deleting a Permission Set
- Querying Permission Set Details
- Updating a Permission Set
- Deleting a System-defined Identity Policy
- Querying Details About a Custom Identity Policy
- Adding a Custom Identity Policy
- Deleting a Custom Identity Policy
- Listing Accounts Associated with a Permission Set
- Listing System-defined Identity Policies
- Listing Pre-provisioning Statuses of Permission Sets
- Listing Permission Sets
- Creating a Permission Set
- Listing Permission Sets Provisioned to an Account
- Pre-provisioning a Permission Set
- Querying Pre-attachment Status Details of a Permission Set
- Adding a System-defined Policy
- Deleting a System-defined Policy
- Listing System-defined Policies
-
Account Assignment Management
- Removing Account Assignments
- Querying Details about the Account Assignment Creation Status
- Listing Account Assignment Creation Statuses
- Listing Account Assignment Deletion Statuses
- Listing Users or Groups Associated with an Account and a Permission Set
- Creating Account Assignments
- Querying Details about the Account Assignment Deletion Status
- Tag Management
- User Management
- Group Management
- Group Membership Management
- SCIM User Management
- SCIM Group Management
- Service Provider (SP) Management
- Client Management
- Token Management
- Device Authorization Management
- Authorization Management
- Account Management
- Agency Management
- Credentials Management
- Appendixes
- Change History
- General Reference
Copied.
Creating a Token
Function
This API is used to create an access token.
URI
POST /v1/tokens
Request Parameters
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
client_id |
Yes |
String |
Unique ID of the client |
client_secret |
Yes |
String |
Secret string generated for the client to obtain authorization from services in subsequent calls |
code |
No |
String |
Authorization code received from the authorization service. This parameter is required when executing an authorization request to obtain access to the token. |
device_code |
No |
String |
Used only when the authorization type (grant_type) is the device code (urn:ietf:params:oauth:grant-type:device_code). |
grant_type |
Yes |
String |
Authorization type, which can be authorization code, device code, client credential, and refresh token Enumerated value:
|
redirect_uri |
No |
String |
Application URL that will receive the authorization code. The user authorizes a service to send a request to this URL. |
refresh_token |
No |
String |
Refresh token, which can be used to obtain a new access token after the original access token expires |
scopes |
No |
Array of strings |
List of scopes defined by a client to restrict permissions for access token authorization |
Response Parameters
Status code: 200
Parameter |
Type |
Description |
---|---|---|
Object |
Token information |
Parameter |
Type |
Description |
---|---|---|
access_token |
String |
Opaque token used to access IAM Identity Center resources assigned to users |
expires_in |
Integer |
Expiration time (in seconds) of an access token |
id_token |
String |
Opaque token used to identify a user |
refresh_token |
String |
Refresh token, which can be used to obtain a new access token after the original access token expires |
token_type |
String |
Used to notify the client that the returned token is an access token. The value is BearerToken currently. |
Example Request
Creating an access token
POST https://{hostname}/v1/tokens { "client_id" : "example_client_id", "client_secret" : "example_client_secret", "code" : "1234567890123456", "device_code" : null, "grant_type" : "authorization_code", "redirect_uri" : "https://example-redirect.example.com/redirect/url", "refresh_token" : null, "scopes" : [ "openid" ] }
Example Response
Status code: 200
Successful
{ "token_info" : { "access_token" : "example_access_token", "expires_in" : 1684955360, "id_token" : "example_access_token", "refresh_token" : null, "token_type" : "Bearer" } }
Status Codes
For details, see Status Codes.
Error Codes
For details, see Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot