...
POST to our token endpoint
Set ? grant_type=client_credentials &and scope=externalapi in the post body
Set Content-Type: application/x-www-form-urlencoded
Set Authorization header
Header format is Basic Base64(Utf8(clientId:secret))
Example: The header for clientId = democlient and secret = demosecret would become ZGVtb2NsaWVudDpkZW1vc2VjcmV0
So the Authorize header for the Identity server should be:
Basic ZGVtb2NsaWVudDpkZW1vc2VjcmV0
Example return value:
Return value
Code Block language json { "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciNlcyIsImV4cCI6MTQ2MzA", "expires_in": 3600, "token_type": "Bearer" }
When calling one of our web services set the Authorize header to:
Bearer access_token
Example: Bearer eyJ0eXAiOiJKV1QiLCJhbGciNlcyIsImV4cCI6MTQ2MzA
...