Authorization Code
The authorization code grant type is used to obtain both access tokens and refresh tokens and is optimized for
confidential clients.
-
Register the application
GET {$host}/{$workspace}/oauth2/apps
-
Request Authorization
GET {$host}/{$workspace}/oauth2/authorize?response_type=code&client_id={literal}{the-client-id}{/literal}&scope=*
-
Exchange Authorization code by an Access Token.
POST {$host}/{$workspace}/oauth2/token Authorization: Basic eC1wbS1sb2NhbC1jbGllbnQ6MTc5YWQ0NWM2Y2UyY2I5N2NmMTAyOWUyMTIwNDZlODE= grant_type=code& code={literal}{the-authorization-code}{/literal}