Connecting your product and users to the Knewton Platform
In this section:
POST /oauth/token
Retrieve an access token and a refresh token that can be used to authorize requests to the API on behalf of a user account. This endpoint supports the 2-legged OAuth flow.
This endpoint must be called by the partner admin user. Unlike other endpoints, which may be authorized using an OAuth token belonging to the partner admin user, calls to this endpoint must be authorized using a basic auth header as described below.
Header Key | Header Value | Description |
---|---|---|
Content-Type | application/x-www-form-urlencoded | Content type header indicating that request body is form data. |
Authorization | Basic <key>, where <key> is formed by base64 encoding <api_key>:<api_secret> using the API key and secret provided by your Knewton representative. | Basic auth header. |
Parameter | Type | Optional | Description |
---|---|---|---|
grant_type | string | No | One of “refresh_token” or “client_credentials”. |
refresh_token | string | Yes | The refresh token returned from a previous /oauth/token call. Required only when using grant_type=refresh_token. In this case, the returned tokens will be associated with the same account that the specified refresh token is associated with. |
scope | string | Yes | The external ID of a previously created user account to be associated with the returned tokens. Required only when using grant_type=client_credentials. |
Sample Request Body: Using grant_type=client_credentials
grant_type=client_credentials&scope=user_601726
Sample Request Body: Using grant_type=refresh_token
grant_type=refresh_token&refresh_token=bc11124fc08c41ecafe2cf6a9814024d
Parameter | Type | Optional | Description |
---|---|---|---|
access_token | string | No | An OAuth token that can be used to authorize subsequent requests to API endpoints on behalf of the associated user account. |
refresh_token | string | No | An OAuth token that can be exchanged in the future for fresh access tokens for the associated user account. |
token_type | string | No | Always “Bearer” |
expires_in | integer | No | The number of seconds until the access token will expire. |
expires_at | datetime | No | The date and time at which the access token will expire. |
account_id | uuid | No | The ID of the account with which the OAuth tokens are associated. |
Sample Response Body
{
"access_token": "6f6b3df25befe8ac344b",
"refresh_token": "c09c781ab44c9cb3b529",
"token_type": "Bearer",
"expires_in": 15555599,
"expires_at": "2013-11-05T21:19:45.268Z",
"account_id": "d0effd52-c3a7-4a3c-827a-3ac5eaa049a1"
}
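The request and response described above, assembled in Python as an added example (not code from Knewton or from the original page). `BASE_URL` is a placeholder because the page does not state the API host, and the function names are hypothetical.

```python
import base64
import json
import urllib.parse
import urllib.request

# Assumption: placeholder host; the page does not state the API base URL.
BASE_URL = "https://api.example.invalid"


def build_token_request(api_key, api_secret, *, scope=None, refresh_token=None):
    """Build (without sending) POST /oauth/token for either grant type."""
    if (scope is None) == (refresh_token is None):
        raise ValueError("pass exactly one of scope or refresh_token")
    if scope is not None:
        form = {"grant_type": "client_credentials", "scope": scope}
    else:
        form = {"grant_type": "refresh_token", "refresh_token": refresh_token}
    # Basic <key>, where <key> is base64("<api_key>:<api_secret>").
    key = base64.b64encode(f"{api_key}:{api_secret}".encode("utf-8")).decode("ascii")
    return urllib.request.Request(
        BASE_URL + "/oauth/token",
        data=urllib.parse.urlencode(form).encode("ascii"),
        headers={
            "Content-Type": "application/x-www-form-urlencoded",
            "Authorization": f"Basic {key}",
        },
        method="POST",
    )


def parse_token_response(body):
    """Check that the documented response fields are present and return them."""
    doc = json.loads(body)
    required = ("access_token", "refresh_token", "token_type",
                "expires_in", "expires_at", "account_id")
    missing = [name for name in required if name not in doc]
    if missing:
        raise ValueError(f"token response missing fields: {missing}")
    if doc["token_type"] != "Bearer":
        raise ValueError(f"unexpected token_type: {doc['token_type']!r}")
    return doc
```

Pass the returned object to `urllib.request.urlopen` to send it, and feed the response body to `parse_token_response`.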