Authentication - OAuth2


OAuth 2.0 Authentication

Purpose:

OAuth 2.0 is used to confirm the identity of the user making the request. This ensures that only authenticated users can access resources.

How it Works:

  1. Get your OAuth2 credentials:

    1. See the "My credentials" section.
  2. Obtain an Access Token:

    1. Your client application initiates the OAuth 2.0 flow (client credentials grant) with the authorization server. See the examples below for how to generate a token using the command line or Postman.

    2. Upon successful authentication, the authorization server issues an access token.

  3. Include the Token in the Authorization Header:

    1. The client application includes the access token in the Authorization header of each API request, formatted as Bearer <token>.

Example of request including the Auth token in the Authorization header:

Examples of Token generation

How to create token with CURL in command line

Example of generating a token for Staging:
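
The client credentials flow described above, sketched with curl as an added example (it is not the service's own example, and the Staging endpoint is not shown on this page). The request is handed to curl as a config on stdin so the client secret never appears in the process list or shell history. Assumptions: `TOKEN_URL` and `API_URL` are placeholders, `CLIENT_ID`, `CLIENT_SECRET` and `RUN_DEMO` are hypothetical environment variables, and the token endpoint is assumed to accept HTTP Basic client authentication.

```shell
#!/bin/sh
# Added example. TOKEN_URL and API_URL are placeholders, not the real endpoints.
TOKEN_URL="${TOKEN_URL:-https://auth.example.invalid/oauth2/token}"
API_URL="${API_URL:-https://api.example.invalid/resource}"
SCOPES="${SCOPES:-smartdocflow/read smartdocflow/write}"

# Escape backslashes and double quotes for a quoted curl config value.
cfg_escape() { printf '%s' "$1" | sed 's/[\\"]/\\&/g'; }

# Emit a curl config for the client credentials grant (RFC 6749, section 4.4).
# $1 = client id, $2 = client secret. Assumes HTTP Basic client authentication.
token_request_config() {
  printf 'url = "%s"\n' "$(cfg_escape "$TOKEN_URL")"
  printf 'user = "%s:%s"\n' "$(cfg_escape "$1")" "$(cfg_escape "$2")"
  printf 'data-urlencode = "grant_type=client_credentials"\n'
  printf 'data-urlencode = "scope=%s"\n' "$(cfg_escape "$SCOPES")"
}

# Pull access_token out of the JSON token response read from stdin.
# Minimal sed parser for a flat response; prints nothing if the field is absent.
extract_access_token() {
  tr -d '\n' |
    sed -n 's/.*"access_token"[[:space:]]*:[[:space:]]*"\([^"]*\)".*/\1/p'
}

# Emit a curl config for an API call carrying the bearer token ($1).
api_request_config() {
  printf 'url = "%s"\n' "$(cfg_escape "$API_URL")"
  printf 'header = "Authorization: Bearer %s"\n' "$(cfg_escape "$1")"
}

# Request a token; the secret travels on stdin, never in curl's argv.
get_token() {
  token_request_config "$1" "$2" |
    curl --silent --show-error --fail --config - | extract_access_token
}

# Call the API with the token; --fail turns HTTP 401/403 into a non-zero exit.
call_api() {
  api_request_config "$1" | curl --silent --show-error --fail --config -
}

# Network calls run only when explicitly requested with RUN_DEMO=1.
if [ "${RUN_DEMO:-0}" = 1 ]; then
  token=$(get_token "$CLIENT_ID" "$CLIENT_SECRET")
  [ -n "$token" ] || { echo "no access_token in response" >&2; exit 1; }
  call_api "$token"
fi
```
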

How to create token using Postman

  1. Configure OAuth 2.0:

    • Go to the "Authorization" tab in Postman.

    • Select "OAuth 2.0" from the "Type" dropdown.

    • Configure the OAuth 2.0 settings according to your API's requirements:

      • Grant Type: Select Client Credentials.

      • Access Token URL: The URL of the authorization server's token endpoint, which issues the access token.

      • Client ID: Your client application's ID.

      • Client Secret: Your client application's secret.

      • Scope: Add the scopes you need, for example "smartdocflow/read smartdocflow/write".

    • Click "Get New Access Token" to obtain a valid access token.

  • If the request is successful, a new token is created. Click "Use Token" to start using it.

    • Postman will then automatically add the Authorization: Bearer <token> header to your requests (where <token> is your token value).