Technical specification
This technical specification explains the content of the OS OAuth2 API.
If you are not familiar with the OS OAuth 2 API please read the overview documentation before proceeding.
API reference
Generating an access token
To create an access token, you must send a HTTP POST request to the OS DataHub OAuth 2 token endpoint. The endpoint is secured with HTTP Basic Authentication, where the username is the Project API Key and the password is the Project API Secret.
OAuth 2 Token Endpoint
Required HTTP Headers
Authorisation
Basic <encoded credentials>
The encoded credentials are a base-64 encoded version of a string containing the username (Project API Key), a single : and the password (Project API Secret). Once you have the encoded value you should set the value of the Authorization header to 'Basic', a space, and the encoded value, e.g. Basic <encodedValue>.
Content-Type
application/x-www-form-urlencoded
The request body must be form-encoded.
Many HTTP frameworks have support for form-encoded messages and will set the content type automatically.
Request body
The request body must be form-encoded with the following property:
grant_type
client_credentials
The only supported grant_type is client_credentials
Response body
The response body is returned as a JSON object with the following properties:
access_token
ZclClFcksJlZ19vnJOt09Yj3xme0
The new access token.
expires_in
299
The time until the token expires, in seconds.
issued_at
1576249823754
The time at which the token was created.
token_type
Bearer
The type of the token. This is always Bearer.
Using the access token
Once you have generated your access token, you can use it to authenticate your requests to other OS Data Hub APIs.
To use the access token you must include an Authorization header on your API request. The value of the Authorization header should be 'Bearer', a space, and then the access token, for example, Bearer <accessToken>.
Last updated