Obtain the OAuth token for Java web applications

Send an Authorization Code Request to the IFS authorization server.

To initiate obtaining the OAuth token, send an authorization code request to the IFS authorization server. This is an HTTP GET or POST request to the authorization endpoint with these parameters:

client_id: Specify the OAuth client ID specific to your app.
redirect_uri: Specify the URL where the IFS authorization server sends the code upon user consent. This must be the same URL as registered in IFS during integration.
response_type=code: Indicate the IFS authorization server to send the authorization code upon user consent parameters.

Resource Owner (User) Authentication and Consent (IFS functionality).

The IFS authorization server works with the IFS Federation Hub to authenticate the user/resource owner and get user consent to release the claims to your app. If the user approves sharing claims with your application, then the IFS authorization server releases the authorization code to your application.

Exchange the authorization code for an access token and refresh token.

Using the token endpoint of the IFS authorization server, exchange the authorization code for an OAuth access token and refresh token. Send these parameters as Content-Type "application/x-www-form-urlencoded"

client_id: Specify the OAuth Client ID specific to your app.
client_secret: Specify the OAuth client secret received while acquiring OAuth client details.
grant_type=authorization_code: Specify the hint authorization server about the grant type being used.
redirect_ur: Specify the URL where the authorization server sends the access token. This URL must match the URL registered in ION API CE/IFS CE during integration.
code: Specify the authorization code sent by authorization server in the previous step.

In exchange, the authorization server provides the token_type, for example, Bearer.