Updated on 2024-12-30 GMT+08:00

Obtaining an Access Token

Function

This API is used to obtain an access token that can be used to call the API for obtaining user information.

Constraints

None

URI

POST /api/v1/oauth2/token

Request Parameters

Table 1 FormData parameters

| Parameter | Mandatory | Type | Description |
| --- | --- | --- | --- |
| code | Yes | String | Authorization code, which is returned by the API for obtaining an authentication login code. |
| client_id | Yes | String | Application ID, which is a client ID allocated to an application after registration. |
| client_secret | Yes | String | Application secret, which is a client secret allocated to an application after registration. |
| grant_type | Yes | String | Grant type. The value is fixed at authorization_code. |
| redirect_uri | No | String | Callback address. The address can be the callback address or the domain name entered during application registration. If this parameter is passed, the value must be the same as the value of redirect_url in the API for obtaining an authorization login code. |

Response Parameters

Status code: 200

Table 2 Response body parameters

| Parameter | Type | Description |
| --- | --- | --- |
| access_token | String | Access token that the authorization server returns to the third-party application. |
| token_type | String | Type of the access token. Fixed value: Bearer. |
| expires_in | Long | Validity period of the access token. Unit: second. |
| scope | String | Authorization scope. |
| refresh_token | String | Refresh token. By default, no refresh token is generated. If you need one, set the refresh token validity period in the authentication configuration of the application. |

Status code: 400

Table 3 Response body parameters

| Parameter | Type | Description |
| --- | --- | --- |
| error | String | Error type. |
| error_description | String | Error description. |

Example Requests

Obtain an access token that will be used to obtain user information. code is set to the authorization code z2D... returned by the API. client_id and client_secret are set to the ClientId and ClientSecret assigned during application registration. redirect_uri is set to the application callback address https://example.com. The value of grant_type is fixed at authorization_code.

POST https://{domain_name}/api/v1/oauth2/token

Content-Type: application/x-www-form-urlencoded

code=z2D...&
client_id=NzZeWuiJa91dPSRdZQChMazIh13AW...&
client_secret=NzZeWuiJa91dPSRdZQChMazIh13AW...&
redirect_uri=https://example.com&
grant_type=authorization_code

Example Responses

Status code: 200

Request successful.

{
  "access_token" : "NqM******d3k",
  "token_type" : "Bearer",
  "expires_in" : "7200",
  "scope" : "get_user_info",
  "refresh_token" : "42e******w24"
}

Status code: 400

Request error.

{
  "error" : "invalid_grant",
  "error_description" : "Invalid authorization code"
}
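
The request and responses above, handled on the client side, as an added example that is not part of the original documentation or any vendor SDK. It builds the Table 1 form body with percent-encoding, masks code and client_secret before the body is logged, and validates the Table 2 and Table 3 fields; the function names and the REDACTED marker are assumptions of this example, and no network call is made.

```python
import json
import time
from urllib.parse import parse_qsl, urlencode

TOKEN_PATH = "/api/v1/oauth2/token"      # URI from this page
SENSITIVE = {"code", "client_secret"}    # never write these to logs

class TokenError(Exception):
    """Raised for a 400 response (Table 3: error, error_description)."""
    def __init__(self, error, description):
        super().__init__(f"{error}: {description}")
        self.error, self.description = error, description

def build_token_request(domain_name, code, client_id, client_secret, redirect_uri=None):
    """Return (url, headers, body) for the POST described in Table 1."""
    form = {"code": code, "client_id": client_id, "client_secret": client_secret,
            "grant_type": "authorization_code"}   # fixed value
    if redirect_uri is not None:                  # optional parameter
        form["redirect_uri"] = redirect_uri
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    # urlencode percent-encodes reserved characters such as ':' '/' and '&'
    return f"https://{domain_name}{TOKEN_PATH}", headers, urlencode(form)

def redact(form_body):
    """Mask secret-bearing fields so the body can be logged safely."""
    pairs = parse_qsl(form_body, keep_blank_values=True)
    return urlencode([(k, "REDACTED" if k in SENSITIVE else v) for k, v in pairs])

def parse_token_response(status, body, now=None):
    """Validate a token response and turn expires_in into an absolute expiry."""
    data = json.loads(body)
    if status != 200:
        raise TokenError(data.get("error", "unknown"), data.get("error_description", ""))
    if str(data.get("token_type", "")).lower() != "bearer" or not data.get("access_token"):
        raise ValueError("response is not a usable Bearer token")
    now = time.time() if now is None else now
    return {
        "access_token": data["access_token"],
        # the example response carries "7200" as a string; int() accepts both forms
        "expires_at": now + int(data["expires_in"]),
        "scope": data.get("scope"),
        "refresh_token": data.get("refresh_token"),   # absent unless configured
    }
```

Send the returned body over HTTPS only, and log `redact(body)` rather than the body itself.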

Status Codes

| Status Code | Description |
| --- | --- |
| 200 | Request successful. |
| 400 | Request error. |

Error Codes

See Error Codes.