Oauth Access Tokens
Timed tokens suitable for various application types and scopes.
When using OAUTH Access tokens you will receive an access_token, refresh_token, and expires_in
curl --location -g 'https://oclnk.co/oauth2/token/' \
--header 'Authorization: bearer {{access_token}}' \
--form 'format="json"' \
--form 'grant_type="password"' \
--form 'client_id="{{oauth2_client_id}}"' \
--form 'client_secret="{{auth2_client_secret}}"' \
--form 'username="{{username}}"' \
--form 'password="{{password}}"'
{
"client_id": "testing",
"territory": "Demo",
"domain": "onecloud",
"uid": "3101@onecloud",
"expires": "1686420498",
"scope": "Office Manager",
"token_type": "Bearer",
"rate_limit": "0",
"login": "3101@onecloud"
"user_email": "[email protected]"
"displayName": "Lucas King",
"access_token": "ACCESS_TOKEN_HERE",
"expires_in": 3600,
"refresh_token": "REFRESH_TOKEN_HERE",
"apiversion": "Version: 44.0.4"
}
MultiFactor Authentication and OAUTH
When requesting an Access Token if you receive a response where scope is "MFA" then you need to make a second request with the user's One Time Password from their Authentication app and send the Base64 encoded client_id and client_secret as Basic Authorization on the next request.
In this request we will add a few more parameters and use our response from the first request to provide the access_token.
curl --location 'https://oclnk.co/ns-api/oauth2/token/' \
--header 'Authorization: Basic {{base64 encoded _client_id and client_secret}}' \
--form 'format="json"' \
--form 'grant_type="mfa"' \
--form 'mfa_vendor="google"' \
--form 'mfa_type="authenticator"' \
--form 'passcode="{{Users OTP}}"' \
--form 'ns_id_type="subscriber"' \
--form 'access_token="{{access_token from first request}}"'
echo -n "{{client_id}}:{{client_secret}}" | base64
Updated about 1 year ago