Obtain the OAuth token

Initiate the process of obtaining the OAuth token by sending an authorization code request to the IFS CE authorization server. This is an HTTP GET or POST request to the authorization endpoint with these parameters:

client_id

Specify the OAuth client ID specific to your application.

redirect_uri

Specify the URL where the IFS CE authorization server sends the code upon user consent. This must be the same URL as registered in IFS CE during integration.

response_type=code

Specify the IFS authorization server to send the authorization code upon user consent.

The IFS CE authorization server works with the IFS CE Federation Hub to authenticate the user/resource owner and get user consent to release the claims to your app. If the user approves sharing claims with your application, then the IFS CE authorization server releases the authorization code to your application.

By using the token endpoint of IFS CE authorization server, exchange the authorization code for an OAuth access token and refresh token. Send these parameters as Content-Type "application/x-www-form-urlencoded"

client_id

Specify the OAuth client ID specific to your application.

client_secret

Specify the OAuth client secret received while acquiring OAuth client details.

grant_type=authorization_code

Specify the hint authorization server about the grant type being used.

redirect_uri

Specify the URL where the authorization server sends the access token. This URL must match the URL registered in API Gateway CE/IFS CE during integration.

code

Specify the authorization code sent by the authorization server in the previous step.

• token_type- This is the type of token issued, for example, Bearer.
• expires_in - This is the validity period of the access token.
• refresh_token - This is the refresh token to be used to renew the expired access token.
• access_token - This is the token to be used for accessing protected resources.