search

Authentication

Authentication with OAuth2 Authorization Framework.

LogoRFC 6749: The OAuth 2.0 Authorization FrameworkIETF Datatrackerchevron-right

OAuth 2.0 is an authorization framework enabling applications to access user data without the user having to share their password. It works by having the user authorize the application to access their data on a third-party server, such as Google or Facebook. The application is then given an access token that it can use to access the user's data.

hashtag
Authentication

To interact with the One Record API, clients, typically applications rather than individual users, need to authenticate first.

hashtag
Authenticate an Application

For authenticating an application, it must send a POST request to the route

The request body must be encoded in x-www-form-urlencoded format and include the following parameters:

  • client_id: Identifies the client application.

  • client_secret: Secret key associated with the client application.

  • grant_type: Must be set to client_credentials to indicate the type of grant being requested. This information is securely sent over HTTPS.

hashtag
Example

post
Authorizations
AuthorizationstringRequired
Bearer authentication header of the form Bearer <token>.
Body

Access Token

grant_typestring · enumRequiredPossible values:
client_idstringRequired
client_secretstringRequired
Responses
chevron-right
200Success
application/json
access_tokenstringRequired
refresh_tokenstringOptional
expires_innumberOptionalDefault: 1800
refresh_expires_innumberOptionalDefault: 604800
token_typestringOptionalDefault: Bearer
scopestringOptional
post
/authentication/oauth2/token

PreviousTroubleshootingNextAuthorization

Last updated