Technical specification
Last updated
Was this helpful?
Last updated
Was this helpful?
This technical specification explains the content of the OS OAuth2 API.
POST /
To create an access token, you must send a HTTP POST request to the OS DataHub OAuth 2 token endpoint. The endpoint is secured with HTTP Basic Authentication, where the username is the Project API Key and the password is the Project API Secret.
Required HTTP Headers
Content-Type
application/x-www-form-urlencoded
The encoded credentials are a base-64 encoded version of a string containing the username (Project API Key), a single : and the password (Project API Secret). Once you have the encoded value you should set the value of the Authorization header to 'Basic', a space, and the encoded value, e.g. Basic <encodedValue>.
Authorization
Basic <encoded credentials>
The request body must be form-encoded.
Many HTTP frameworks have support for form-encoded messages and will set the content type automatically.
Body
grant_type
client_credentials
The only supported grant_type is client_credentials
Response
The response body is returned as a JSON object with the following properties:
access_token
ZclClFcksJlZ19vnJOt09Yj3xme0
The new access token.
expires_in
299
The time until the token expires, in seconds.
issued_at
1576249823754
The time at which the token was created.
token_type
Bearer
The type of the token. This is always Bearer.
Once you have generated your access token, you can use it to authenticate your requests to other OS Data Hub APIs.
To use the access token you must include an Authorization header on your API request. The value of the Authorization header should be 'Bearer', a space, and then the access token, for example, Bearer <accessToken>.