POST token

POST Returns a new OAuth token.

Resource URL

https://www.drillster.com/daas/oauth/token

Parameters

Field Type Description
client_id
required
String The client ID of the registered application. Client IDs may be publicly shared.
client_secret
required
String The client secret of the registered application. The name implies that the client secret should not be shared with the end user.
grant_type
required
String

The type of operation requested. Possible values are:

  • authorization_code — For Authorization Code grant type. Requires that code is given.
  • refresh_token — For refreshing expired access tokens. Requires that refresh_token is given.
code
optional
String User for Authorization Code grant type.
refresh_token
optional
String User for refreshing expired haccess tokens.

Response

A 2.0 Token object.

Example request

POST https://www.drillster.com/daas/oauth/token
client_id=874a16d4ac764ce4a545f0cca4584c63
client_secret=5782b2e7532b48b5a0798f2ad6644614
grant_type=authorization_code
code=cIEL8h

Response

{
  "access_token": "eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJXSHJrck9DMFNEcWY2VjNXYVRrblpRIiwiZXhwIjoxNDY1ODI5Mjc0LCJqdGkiOiIwNzBiOGE1MS1hYjFkLTRlZDktODJjZS04YzNmZTlkMTJlMmEiLCJjbGllbnRfaWQiOiIzYWFhZTU1ZDc0ZDk0NmY0YWM2NTY4YTA3MjYxMDk5ZCIsInNjb3BlIjpbIlJPTEVfVVNFUiJdfQ.DmqZWRDMV4zctJ5R_WSsn_axGzfDNGOJJO79_garrM9w8zOvd7ZmAGgtFrVVcUWjfR3AR0RaXGM3wdHoqOs2YleD_AeYcrxDPJkiUDoQXQN3I9qNsediwhcMYj9l5UYlpR6uD3lcRzkCM4L5u4PTqs2RjZL2GBgvUMeQZNowpyK_shT_o_U4Y_LFnBWFf2c9MtKhUAIuNdqQ98jAxwEnS2tO_OUFCZ2JzZyFHmteQYz8q_kl5SE0UdBXmUfl4RKmxmozKyQFIA3p56Qtl65E_t8lJQVLC0OwL-2elAJMgqQy-J-ZHB3b9SMM9HXIDe81J-Sx51-R8bK4Dx28EZIPdg",
  "expires_in": 2591999,
  "jti": "070b8a51-ab1d-4ed9-82ce-8c3fe9d12e2a",
  "refresh_token": "ca9ff8d9-c62e-424c-b57c-68f544d8d07e",
  "scope": "ROLE_USER",
  "token_type": "bearer"
}

Error responses

The following error situations are possible:

ID Description
bad_request Request not understood
internal_error Internal problem
invalid_authorization_code Given authorization code is not valid
invalid_client_id Unrecognized client ID
invalid_credentials Invalid credentials
invalid_grant_type Invalid grant type
invalid_pin Given PIN code is not valid
invalid_refresh_token Given refresh token is not valid
missing_client_id Missing client ID
missing_code Missing code
missing_credentials Missing username or password
missing_refresh_token Missing refresh token
not_permitted User credential flow not permitted for this client ID