/auth/token
Flow
- All API calls require an
Authorization: Bearer <bearer token>header. - Automated
<bearer token>rotation is recommended. - Successful authentication rotation calls will return a new bearer token.
Supported Methods
- POST
Request
/auth/token
HEADERS
| RCO | Multitude | Key | Type | Description |
|---|---|---|---|---|
| R | 1 | User-Agent | String | An identifying string in Product/Version format, where Version is a SemVer-compliant string, that uniquely identifies your application. |
| R | 1 | Accept | String | The only supported response type for this endpoint is application/json. |
| R | 1 | Content-Type | String | PThe only supported request type for this endpoint is application/json. |
| R | 1 | Request-ID | String | The integrator's external request ID for support traceablility and issue debugging. This string should be a UUID V4 value. |
| R | 1 | PAC-Application-ID | String | The application identifier for which API access has been authorized; this value is typically expressed in reverse domain notation and is bound to an API key provided by Paciolan during provisioning. |
Request Object
| RCO | Key | Type | Description |
|---|---|---|---|
| R | grantType | String | authorization_code or refresh_token |
| C | code | String | authorization code to generate access and refresh token |
| C | refreshToken | String | exchange refresh token for an access token when the access token has expired |
Response
HEADERS
| Property | Type | Description |
|---|---|---|
| Request-ID | String | The same ID provided in the header of the request call returned back. |
| Content-Type | String | Supported type is application/json. |
Response Object
| Property | Type | Description |
|---|---|---|
| accessToken | String | The access token string issued by the authorization server |
| expiration | DateTime (JSON String) | Access token expiry in YYYY-MM-DDTHH:MM:SS.sssssssssZ (UTC) format |
| refreshToken | String | If the access token will expire, then use refresh token to obtain another access token |
| tokenType | String | The type of token, typically just the string "Bearer" |
Error Response Object
| Property | Type | Description |
|---|---|---|
| error | String | Generic description of error that occured |
Examples
Request with authorization code
curl 'https://link-sandbox.paciolan.info/v1/auth/token' \
-H 'User-Agent: MyApplication/1.0' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'Request-ID: <RequestID>' \
-H 'PAC-Application-ID: com.mycompany.myapp' \
-d '{
"grantType": "authorization_code",
"code": "1fdb0e9c-57cb-4ea8-a066-56abb5ee773c"
}'
Success Response
{
"accessToken": "hsfsdgfdsgvb4354gfnbnkaerAtrJKNnrtusiJNOuts",
"expiration": "2023-02-18T19:39:39.548608815Z",
"refreshToken": "sflk5j6q2kgmKjfrs_kijdngka9qpoutrei45gfnm",
"tokenType": "Bearer"
}
Request with Refresh Token
curl 'https://link-sandbox.paciolan.info/v1/auth/token' \
-H 'User-Agent: MyApplication/1.0' \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'Request-ID: <RequestID>' \
-H 'PAC-Application-ID: com.mycompany.myapp' \
-d '{
"grantType": "refresh_token",
"refreshToken": "sflk5j6q2kgmKjfrs_kijdngka9qpoutrei45gfnm"
}'
Success Response
{
"accessToken": "dsmvkhrthiurt9873245jkhs7f90234jh_8435kjhdsf8",
"expiration": "2023-02-18T19:39:39.548608815Z",
"refreshToken": "vcnhgflkrjelewjrwooruewoi34243jksfhcmhrkahu",
"tokenType": "Bearer"
}
Unsuccessful Response
{
"error": "invalid credential"
}