AgriWebb API
API Reference

Token Exchange

POST /oauth2/token

Retrieve an access token for the API, either via exchanging an authorization_code or by exchanging a refresh_token.

Authentication

Authentication is required for this method, using Client ID and Client Secret via the Basic Auth strategy. Use the following methodology to create the required Authorization header:

  • Create a string of Client ID and Client Secret concatenated by a single colon: "{ClientID}:{ClientSecret}"
  • Base64 encode this string: base64("{ClientID}:{ClientSecret}")
  • Construct the Authorization header: "Authorization: Basic {base64EncodedDigest}"

For example, if we are to use the example credentials test-client-id and test-secret-value as the ClientID and ClientSecret we would get the following result: Authorization: Basic dGVzdC1jbGllbnQtaWQ6dGVzdC1zZWNyZXQtdmFsdWU=

POST
/oauth2/token

Header Parameters

Authorizationstring

The only supported authorisation method is Basic ...

Request Body

grant_typestring
Value in"refresh_token"
codestring

The authorisation code from the callback endpoint

Lengthlength <= 2048
redirect_uri?string

If the redirect_uri was provided earlier in the flow it is required to be passed through again here

Formaturi
Lengthlength <= 2048
client_id?string

A not recommended method for Client Authentication, prefer the header Authorization: Basic ...

Lengthlength <= 64
client_secret?string

A not recommended method for Client Authentication, prefer the header Authorization: Basic ...

Lengthlength <= 2048
refresh_tokenstring

The refresh_token provided in a previous token exchange

Lengthlength <= 2048
scope?string

A token can be requested with a subset of the initially requested scopes

Lengthlength <= 2048

Response Body

curl -X POST "https://auth.agriwebb.com/oauth2/token" \
  -H "Authorization: string" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d 'grant_type=authorization_code&code=string'
{
  "access_token": "string",
  "token_type": "Bearer",
  "expires_in": 0,
  "refresh_token": "string"
}
{
  "error": "invalid_request",
  "error_description": "string",
  "error_uri": "string"
}
{
  "error": "invalid_request",
  "error_description": "string",
  "error_uri": "string"
}
{
  "error": "invalid_request",
  "error_description": "string",
  "error_uri": "string"
}
{
  "error": "invalid_request",
  "error_description": "string",
  "error_uri": "string"
}
{
  "error": "invalid_request",
  "error_description": "string",
  "error_uri": "string"
}

Authorisation Request GET

Previous Page

deprecated

Next Page