Client Credentials Flow

The client can request an access token using only its client credentials (or other supported means of authentication) when the client is requesting access to the protected resources under its control, or those of another resource owner that have been previously arranged with the authorization server (the method of which is beyond the scope of this specification).

More info https://tools.ietf.org/html/rfc6749#section-4.4

How to Use in Java

1) Create App in Cidaas

To work with Authorization code flow we need to create Non Interactive Client in cidaas app section

2) Get Access Token

        String appID = "your client";
        String secret = "your secret";        

        OAuthClientRequest clientReqAccessToken = OAuthClientRequest
                .tokenLocation("yourcidaasdomain/token-srv/token")
                .setGrantType(GrantType.CLIENT_CREDENTIALS).setClientId(appID).setClientSecret(secret)
                .buildBodyMessage();

        OAuthClient oAuthClient = new OAuthClient(new URLConnectionClient());
        OAuthAccessTokenResponse oAuthResponse = oAuthClient.accessToken(clientReqAccessToken);

        System.out.println(
                "Access Token: " + oAuthResponse.getAccessToken() + ", Expires in: " + oAuthResponse.getBody());

Example:

{
  "access_token": "ey...",
  "userstate": "UNKNOWN",
  "scope": "scope",
  "expires_in": 86400
}



results matching ""

    No results matching ""