Token Endpoint

POST /v3/service/extension/oidc/:organisationId/token

OpenID Connect token endpoint that exchanges an authorization code for access and ID tokens. Client authentication is required using HTTP Basic Auth with client_id as username and client_secret as password.

Request

Path Parameters

organisationId stringrequired

The ID of the organisation

application/x-www-form-urlencoded

Body

required

grant_type stringrequired

Possible values: [authorization_code]

The type of grant being used

redirect_uri stringrequired

The URI to which the response will be sent, must match the redirect URI used in the authorisation request

code stringrequired

The authorisation code received from the authorisation request

Responses

Access (and ID) token response

Response Headers

Cache-Control string
Indicates that the response should not be cached.

application/json

Schema
Example (from schema)

Schema

access_token string

The JWT token that can be sent to access protected resources

token_type string

The type of the token issued (Bearer)

expires_in integer

The duration in seconds for which the access token is valid

id_token string

The JWT that contains identity information about the user

{
  "access_token": "string",
  "token_type": "string",
  "expires_in": 0,
  "id_token": "string"
}

Token Endpoint

/v3/service/extension/oidc/:organisationId/token

Request​

Path Parameters

Body

Responses​

Request

Responses