Updated on 2024-12-30 GMT+08:00

Obtaining an ID Token

Function

This API is used to obtain an ID token.

URI

POST /api/v1/oauth2/token

Request Parameters

Table 1 FormData parameters

| Parameter | Mandatory | Type | Description |
|---|---|---|---|
| grant_type | Yes | String | Grant type. The value is fixed at authorization_code. |
| code | Yes | String | Authorization code, which is obtained through callback after login authentication. |
| client_id | Yes | String | Application ID, which is a client ID allocated to an application after registration. |
| client_secret | Yes | String | Application secret, which is a client secret allocated to an application after registration. |
| redirect_uri | Yes | String | Callback address. The address can be the callback address or the domain name entered during application registration. |

Response Parameters

Status code: 200

Table 2 Response body parameters

| Parameter | Type | Description |
|---|---|---|
| access_token | String | Access token that the authorization server returns to the third-party application. |
| token_type | String | Type of the access token. Fixed value: Bearer. |
| expires_in | String | Validity period of the access token. Unit: second. |
| scope | String | Authorization scope. |
| refresh_token | String | Refresh token. By default, no refresh token is generated. If you need one, set the refresh token validity period in the authentication configuration of the application. |
| id_token | String | ID token. |

Status code: 400

Table 3 Response body parameters

| Parameter | Type | Description |
|---|---|---|
| error | String | Error type. |
| error_description | String | Error description. |

Example Requests

Obtain an ID token with an authorization code. grant_type is fixed at authorization_code, client_id and client_secret are the values allocated during application registration, and redirect_uri is the callback address (https://example.com) configured during application registration.

POST https://{domain_name}/api/v1/oauth2/token
Content-Type: application/x-www-form-urlencoded

grant_type=authorization_code&
code=0yV...&
client_id=cU0L3GsEq1vuOJ5iQrRSu5AyPnKL8...&
client_secret=EFj******TcE&
redirect_uri=https://example.com

Example Responses

Status code: 200

Request successful.

  • Example 1

    {
      "access_token" : "ObU******NpD",
      "token_type" : "Bearer",
      "expires_in" : 7200,
      "scope" : "openid",
      "id_token" : "eyJ******Njg"
    }
  • Example 2

    {
      "access_token" : "NqMh******d3k",
      "token_type" : "Bearer",
      "expires_in" : 7200,
      "scope" : "openid",
      "refresh_token" : "5wI******anH",
      "id_token" : "eyJ******Njg"
    }

Status code: 400

Request error.

{
  "error" : "invalid_grant",
  "error_description" : "Invalid authorization code"
}
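
An added example, not part of the original documentation: Python client helpers for this endpoint that build the form-encoded request from Table 1 (percent-encoding redirect_uri and the secret) and interpret the 200 and 400 bodies from Tables 2 and 3. The function names and the TokenError class are assumptions made for illustration, and nothing is sent over the network.

```python
import json
import urllib.parse
import urllib.request

TOKEN_PATH = "/api/v1/oauth2/token"  # from the URI section of this page


class TokenError(Exception):
    """A 400 response, or a 200 body that lacks what Table 2 promises."""


def build_token_request(domain, code, client_id, client_secret, redirect_uri):
    """Build, without sending, the POST described in Table 1."""
    form = {
        "grant_type": "authorization_code",  # fixed value per Table 1
        "code": code,
        "client_id": client_id,
        "client_secret": client_secret,
        "redirect_uri": redirect_uri,
    }
    missing = [name for name, value in form.items() if not value]
    if missing:
        raise ValueError("missing mandatory parameters: " + ", ".join(missing))
    # urlencode percent-encodes the redirect URI and reserved characters in the secret.
    body = urllib.parse.urlencode(form).encode("ascii")
    return urllib.request.Request(
        f"https://{domain}{TOKEN_PATH}",  # HTTPS only: the body carries client_secret
        data=body,
        method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded"},
    )


def parse_token_response(status, body):
    """Return the token dict for a 200; raise TokenError for anything else."""
    try:
        doc = json.loads(body)
    except ValueError as exc:
        raise TokenError(f"HTTP {status}: body is not JSON") from exc
    if not isinstance(doc, dict):
        raise TokenError(f"HTTP {status}: body is not a JSON object")
    if status != 200:  # Table 3: error and error_description
        raise TokenError(f"{doc.get('error')}: {doc.get('error_description')}")
    if doc.get("token_type") != "Bearer" or not doc.get("id_token"):
        raise TokenError("200 response without a Bearer id_token")
    doc.setdefault("refresh_token", None)  # absent unless configured (Table 2)
    # Table 2 types expires_in as String, the examples show a number: accept both.
    doc["expires_in"] = int(doc.get("expires_in", 0))
    return doc
```

Pass the returned Request to urllib.request.urlopen and hand the status and body to parse_token_response; urlopen raises HTTPError for the 400 case, so pass exc.code and exc.read() there. Keep client_secret and the returned tokens out of logs.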

Status Codes

| Status Code | Description |
|---|---|
| 200 | Request successful. |
| 400 | Request error. |

Error Codes

See Error Codes.