openapi: 3.0.1
info:
  title: Authentication API
  description: "Implementation of [OAuth 2.0](https://tools.ietf.org/html/rfc6749 \"Docs\") with Client Credentials Grant type\n"
  version: '1.0'
servers:
  - url: https://api-sandbox.workspan.com/oauth
paths:
  /token:
    post:
      tags:
        - Oauth2
      summary: Request Access Token
      description: "Partner makes a request to the token endpoint by adding the\nfollowing parameters described below\n"
      operationId: post-token
      parameters:
        - name: x-ws-env
          in: header
          description: Use this for WorkSpan Sandbox environment e.g. ws-api-1.appspot.com
          schema:
            type: string
      requestBody:
        description: get access token
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/Body'
      responses:
        '200':
          description: Authorization token (Bearer)
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Token'
              example:
                access_token: 2YotnFZFEjr1zCsicMWpAA
                token_type: Bearer
                expires_in: 3600
                refresh_token: FZFEicMWpA
        '400':
          description: As per RFC authorisation server responds with 400 in case of error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
              example:
                error: invalid_request
    delete:
      tags:
        - Oauth2
      summary: Invalidate access token
      description: Invalidate access token
      operationId: delete-token
      responses:
        '200':
          description: Empty body with 200 code
          content:
            application/json: { }
        '403':
          description: Access Token already invalidated or not found
          content:
            application/json: { }
        '500':
          description: Internal server error
          content:
            application/json: { }
  /authorize:
    get:
      tags:
        - Oauth2
      summary: Request Authorization Code
      description: Provide Authorization code (dummy)
      operationId: get-authorize
      requestBody:
        content:
          application/x-www-form-urlencoded:
            schema:
              required:
                - response_type
                - redirect_uri
              properties:
                response_type:
                  enum:
                    - code
                  type: string
                  description: must be set to "code" as per RFC
                client_id:
                  type: string
                redirect_uri:
                  type: string
                code:
                  type: string
                state:
                  type: string
                scope:
                  type: string
      responses:
        '302':
          description: Authorization code
          content:
            application/json: { }
components:
  schemas:
    Token:
      type: object
      properties:
        access_token:
          type: string
          description: The access token value
        refresh_token:
          type: string
          description: Refresh token value
        token_type:
          enum:
            - Bearer
          type: string
          description: Type of the token is set to "Bearer"
        expires_in:
          type: integer
          description: The lifetime in seconds of the access token
          format: int32
        state:
          type: string
          description: state sent by client
    Error:
      type: object
      properties:
        error:
          enum:
            - invalid_request
            - invalid_client
            - invalid_grant
            - unauthorized_client
            - unsupported_grant_type
          type: string
        error_description:
          type: string
          description: Human-readable text providing additional information
        error_uri:
          type: string
          description: A URI identifying a human-readable web page with information about the error
    Body:
      required:
        - grant_type
      properties:
        grant_type:
          enum:
            - client_credentials
            - refresh_token
          type: string
          description: Value MUST be "client_credentials" or "refresh_token" as per RFC
        client_id:
          type: string
          description: Client Id assigned by WorkSpan
        client_secret:
          type: string
          description: Client secret assigned by WorkSpan
        refresh_token:
          type: string
        scope:
          type: string
          description: Scopes for token
        redirect_uri:
          type: string
          description: redirect URI to send token
        state:
          type: string
          description: state passed by customer