Authentication API
API change historyImplementation of OAuth 2.0 with Client Credentials Grant type
Request Access Token
Partner makes a request to the token endpoint by adding the following parameters describerd below
Try itRequest
Request URL
Request headers
-
(optional)string
Use this for WorkSpan Sandbox environment e.g. ws-api-1.appspot.com
-
(optional)stringMedia type of the body sent to the API.
Request body
get access token
{
"grant_type": "client_credentials",
"client_id": "string",
"client_secret": "string",
"refresh_token": "string",
"scope": "string",
"redirect_uri": "string",
"state": "string"
}
{
"required": [
"grant_type"
],
"properties": {
"grant_type": {
"description": "Value MUST be \"client_credentials\" or \"refresh_token\" as per RFC",
"type": "string",
"enum": [
"client_credentials",
"refresh_token"
]
},
"client_id": {
"type": "string",
"description": "Client Id assigned by WorkSpan"
},
"client_secret": {
"type": "string",
"description": "Client secret assigned by WorkSpan"
},
"refresh_token": {
"type": "string"
},
"scope": {
"type": "string",
"description": "Scopes for token"
},
"redirect_uri": {
"type": "string",
"description": "redirect URI to send token"
},
"state": {
"type": "string",
"description": "state passed by customer"
}
}
}
Responses
200 OK
Authorization token (Bearer)
Representations
{
"access_token": "2YotnFZFEjr1zCsicMWpAA",
"token_type": "Bearer",
"expires_in": 3600,
"refresh_token": "FZFEicMWpA"
}
{
"type": "object",
"properties": {
"access_token": {
"type": "string",
"description": "The access token value"
},
"refresh_token": {
"type": "string",
"description": "Refresh token value"
},
"token_type": {
"type": "string",
"enum": [
"Bearer"
],
"description": "Type of the token is set to \"Bearer\""
},
"expires_in": {
"type": "integer",
"format": "int32",
"description": "The lifetime in seconds of the access token"
},
"state": {
"type": "string",
"description": "state sent by client"
}
}
}
400 Bad Request
As per RFC authorisation server responds with 400 in case of error
Representations
{
"error": "invalid_request"
}
{
"type": "object",
"properties": {
"error": {
"type": "string",
"enum": [
"invalid_request",
"invalid_client",
"invalid_grant",
"unauthorized_client",
"unsupported_grant_type"
]
},
"error_description": {
"type": "string",
"description": "Human-readable text providing additional information"
},
"error_uri": {
"type": "string",
"description": "A URI identifying a human-readable web page with information about the error"
}
}
}
Code samples
@ECHO OFF
curl -v -X POST "https://api-sandbox.workspan.com/oauth/token"
-H "x-ws-env: "
-H "Content-Type: application/json"
--data-ascii "{body}"
using System;
using System.Net.Http.Headers;
using System.Text;
using System.Net.Http;
using System.Web;
namespace CSHttpClientSample
{
static class Program
{
static void Main()
{
MakeRequest();
Console.WriteLine("Hit ENTER to exit...");
Console.ReadLine();
}
static async void MakeRequest()
{
var client = new HttpClient();
var queryString = HttpUtility.ParseQueryString(string.Empty);
// Request headers
client.DefaultRequestHeaders.Add("x-ws-env", "");
var uri = "https://api-sandbox.workspan.com/oauth/token?" + queryString;
HttpResponseMessage response;
// Request body
byte[] byteData = Encoding.UTF8.GetBytes("{body}");
using (var content = new ByteArrayContent(byteData))
{
content.Headers.ContentType = new MediaTypeHeaderValue("< your content type, i.e. application/json >");
response = await client.PostAsync(uri, content);
}
}
}
}
// // This sample uses the Apache HTTP client from HTTP Components (http://hc.apache.org/httpcomponents-client-ga/)
import java.net.URI;
import org.apache.http.HttpEntity;
import org.apache.http.HttpResponse;
import org.apache.http.client.HttpClient;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.utils.URIBuilder;
import org.apache.http.impl.client.HttpClients;
import org.apache.http.util.EntityUtils;
public class JavaSample
{
public static void main(String[] args)
{
HttpClient httpclient = HttpClients.createDefault();
try
{
URIBuilder builder = new URIBuilder("https://api-sandbox.workspan.com/oauth/token");
URI uri = builder.build();
HttpPost request = new HttpPost(uri);
request.setHeader("x-ws-env", "");
request.setHeader("Content-Type", "application/json");
// Request body
StringEntity reqEntity = new StringEntity("{body}");
request.setEntity(reqEntity);
HttpResponse response = httpclient.execute(request);
HttpEntity entity = response.getEntity();
if (entity != null)
{
System.out.println(EntityUtils.toString(entity));
}
}
catch (Exception e)
{
System.out.println(e.getMessage());
}
}
}
<!DOCTYPE html>
<html>
<head>
<title>JSSample</title>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js"></script>
</head>
<body>
<script type="text/javascript">
$(function() {
var params = {
// Request parameters
};
$.ajax({
url: "https://api-sandbox.workspan.com/oauth/token?" + $.param(params),
beforeSend: function(xhrObj){
// Request headers
xhrObj.setRequestHeader("x-ws-env","");
xhrObj.setRequestHeader("Content-Type","application/json");
},
type: "POST",
// Request body
data: "{body}",
})
.done(function(data) {
alert("success");
})
.fail(function() {
alert("error");
});
});
</script>
</body>
</html>
#import <Foundation/Foundation.h>
int main(int argc, const char * argv[])
{
NSAutoreleasePool * pool = [[NSAutoreleasePool alloc] init];
NSString* path = @"https://api-sandbox.workspan.com/oauth/token";
NSArray* array = @[
// Request parameters
@"entities=true",
];
NSString* string = [array componentsJoinedByString:@"&"];
path = [path stringByAppendingFormat:@"?%@", string];
NSLog(@"%@", path);
NSMutableURLRequest* _request = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:path]];
[_request setHTTPMethod:@"POST"];
// Request headers
[_request setValue:@"" forHTTPHeaderField:@"x-ws-env"];
[_request setValue:@"application/json" forHTTPHeaderField:@"Content-Type"];
// Request body
[_request setHTTPBody:[@"{body}" dataUsingEncoding:NSUTF8StringEncoding]];
NSURLResponse *response = nil;
NSError *error = nil;
NSData* _connectionData = [NSURLConnection sendSynchronousRequest:_request returningResponse:&response error:&error];
if (nil != error)
{
NSLog(@"Error: %@", error);
}
else
{
NSError* error = nil;
NSMutableDictionary* json = nil;
NSString* dataString = [[NSString alloc] initWithData:_connectionData encoding:NSUTF8StringEncoding];
NSLog(@"%@", dataString);
if (nil != _connectionData)
{
json = [NSJSONSerialization JSONObjectWithData:_connectionData options:NSJSONReadingMutableContainers error:&error];
}
if (error || !json)
{
NSLog(@"Could not parse loaded json with error:%@", error);
}
NSLog(@"%@", json);
_connectionData = nil;
}
[pool drain];
return 0;
}
<?php
// This sample uses the Apache HTTP client from HTTP Components (http://hc.apache.org/httpcomponents-client-ga/)
require_once 'HTTP/Request2.php';
$request = new Http_Request2('https://api-sandbox.workspan.com/oauth/token');
$url = $request->getUrl();
$headers = array(
// Request headers
'x-ws-env' => '',
'Content-Type' => 'application/json',
);
$request->setHeader($headers);
$parameters = array(
// Request parameters
);
$url->setQueryVariables($parameters);
$request->setMethod(HTTP_Request2::METHOD_POST);
// Request body
$request->setBody("{body}");
try
{
$response = $request->send();
echo $response->getBody();
}
catch (HttpException $ex)
{
echo $ex;
}
?>
########### Python 2.7 #############
import httplib, urllib, base64
headers = {
# Request headers
'x-ws-env': '',
'Content-Type': 'application/json',
}
params = urllib.urlencode({
})
try:
conn = httplib.HTTPSConnection('api-sandbox.workspan.com')
conn.request("POST", "/oauth/token?%s" % params, "{body}", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
########### Python 3.2 #############
import http.client, urllib.request, urllib.parse, urllib.error, base64
headers = {
# Request headers
'x-ws-env': '',
'Content-Type': 'application/json',
}
params = urllib.parse.urlencode({
})
try:
conn = http.client.HTTPSConnection('api-sandbox.workspan.com')
conn.request("POST", "/oauth/token?%s" % params, "{body}", headers)
response = conn.getresponse()
data = response.read()
print(data)
conn.close()
except Exception as e:
print("[Errno {0}] {1}".format(e.errno, e.strerror))
####################################
require 'net/http'
uri = URI('https://api-sandbox.workspan.com/oauth/token')
request = Net::HTTP::Post.new(uri.request_uri)
# Request headers
request['x-ws-env'] = ''
# Request headers
request['Content-Type'] = 'application/json'
# Request body
request.body = "{body}"
response = Net::HTTP.start(uri.host, uri.port, :use_ssl => uri.scheme == 'https') do |http|
http.request(request)
end
puts response.body