OAuth Bearer Token (Full API)

The OAuth API provides full access to the Limio APIs. Those APIs can be used for posting orders, reading Limio objects and other operational tasks.

How to get an OAuth Bearer Token?

OAuth bearer tokens can be generated using the OAuth API endpoints.

For SSO (Single Sign-On), the OAuth endpoints can be connected to SAML or OpenID Connect identity providers. Please contact us at support@limio.com for details on how to enable this.

The OAuth-supported flows are:

| Grant Type | Usage |
| --- | --- |
| Authorisation Code grant | Used to obtain a token when a user will log into their account using a browser. |
| Client Credentials | Used when an application service requires access to the API. |

Authorize endpoint

The authorize API allows you to perform a web login to retrieve an authorisation code which can be exchanged for a token.

GET <your domain>/oauth2/authorize

| Parameter | Value |
| --- | --- |
| response_type | 'code' |
| client_id | The client id assigned to your tenant |
| redirect_uri | The URL the client should be redirected to once the login has occurred |
| state | A CSRF token, a random string that will be returned with the redirect |
| scope | 'openid' |

Returns: The API will return the following redirect response.

HTTP/1.1 302 Found
Location: redirect_uri?code=AUTHORIZATION_CODE&state=STATE

The state should be checked against the value that was passed in, then the AUTHORIZATION_CODE extracted and passed to the token API.
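
An added example, not Limio's own code, showing one way a client can generate the state value, build the authorize request from the parameters above, and check the returned state before using the code. The domain, client id, redirect URI and the session dictionary are assumptions for illustration.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

# Assumed values for illustration only; substitute your tenant's details.
DOMAIN = "https://tenant.example"              # stands in for <your domain>
CLIENT_ID = "example-client-id"                # placeholder client id
REDIRECT_URI = "https://app.example/callback"  # placeholder redirect URI


def build_authorize_url(session: dict) -> str:
    """Create a fresh state, store it in the user's session, return the login URL."""
    state = secrets.token_urlsafe(32)  # 32 random bytes, unguessable per login
    session["oauth_state"] = state
    query = urlencode({
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "state": state,
        "scope": "openid",
    })
    return f"{DOMAIN}/oauth2/authorize?{query}"


def handle_callback(session: dict, callback_url: str) -> str:
    """Verify the returned state and return the authorization code."""
    params = parse_qs(urlsplit(callback_url).query)
    # Single use: the stored state is removed whether or not the check passes.
    expected = session.pop("oauth_state", None)
    returned = params.get("state", [])
    code = params.get("code", [])
    if expected is None or len(returned) != 1 or len(code) != 1:
        raise ValueError("missing or duplicated state/code parameter")
    # Constant-time comparison of the returned state with the stored one.
    if not hmac.compare_digest(returned[0].encode(), expected.encode()):
        raise ValueError("state mismatch: possible CSRF, discard the code")
    return code[0]
```

The code returned by `handle_callback` is the value to send as `code` to the token endpoint, together with the same `redirect_uri`.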

Token endpoint

The token endpoint exchanges an authorization code for an access token. It is also used to obtain a token with the client credentials grant.

POST /oauth2/token

| Header | Value |
| --- | --- |
| Authorization | Base64Encode(client_id:client_secret). |
| Content-Type | 'application/x-www-form-urlencoded' |

| Form Parameters | For authorization code grant | For Client Credentials grant |
| --- | --- | --- |
| grant_type | authorization_code | client_credentials |
| client_id | The client id | The client id |
| client_secret | The client secret | The client secret |
| scope | n/a | n/a |
| redirect_uri | The same redirect URL that was used to obtain the authorization code. | n/a |
| code | The authorization code from the authorize endpoint | n/a |

For example, to request a Bearer token to use when calling Limio APIs, you can send a request using cURL:

curl --request POST \
  --url https://{domain}/oauth2/token \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --data grant_type=client_credentials \
  --data client_id={client_id_details} \
  --data client_secret={client_secret_details}

This will return:

HTTP/1.1 200 OK 
Content-Type: application/json

{ 
    "access_token":"<Access Token>",
    "token_type":"Bearer", 
    "expires_in":3600 
}
