Generating a token
OAuth 2.0
Now that you have your "Client ID" and "Client secret" you can make a call to our API in order to generate a token.
The URL that you need to call in order to do that is:
https://identity.officernd.com/oauth/token
The request method that you need to use in order to generate the token is POST.
The content-type header must be set to application/x-www-form-urlencoded.
The body needs to contain the following fields:
- client_id - taken from the OfficeRND application you just created.
- client_secret- taken from the OfficeRND application you just created.
- grant_type - currently we only support "client_credentials" so the value is always going to be the same.
- scope - here you can specify whether you'd like the token to have permissions to read, write or both, e.g. "officernd.api.read officernd.api.write".
Note: Please note that this will take into account the permission that you've specified for the application itself. For example, if the application has only "Read" permissions you can't generate a token with "Write" permissions, as you will see an error.
If you're using Postman, please see below:
After sending the POST request you'll be able to see your token in the response body.
The property "expires_in" specifies the time in seconds for which you can use the token. All tokens are valid for 3600 seconds, i.e 1 hour.
{ "access_token": "\", "token_type": "Bearer", "expires_in": 3599, "scope": "officernd.api.read officernd.api.write" }
After you've generated the token, you can use it as authorization when calling the different API endpoints.
You can generate a token here as well.
Example
Request
curl -X POST -H "Content-Type: application/x-www-form-urlencoded" -d "client_id={client_id}&client_secret={client_secret}&grant_type=client_credentials&scope=officernd.api.read officernd.api.write" https://identity.officernd.com/oauth/token
Response
{"access_token":"{access_token}","token_type":"Bearer","expires_in":3599,"scope":"officernd.api.read officernd.api.write"}
Authorization Header
Once you have the token you need to add an Authorization header to every request. The value of the header should be "Bearer <access_token>". It should look like this:
Authorization: Bearer <access_token>
Updated 4 months ago