Authorization of Trusted PBX Applications
- esnata (Unlicensed)
If the PBX application is trusted, then user confirmation is not required, such an application receives an access token without the user's participation. This authorization method can be useful for creating various automation scripts that exclude user interaction with the PBX application.
To get the token, the PBX application must make a POST request to the URL https://<hostname>/oauth/token. The parameters are passed in the request body in the application/x-www-form-urlencoded format.
|
Request parameters
Parameter | Description |
|---|---|
grant_type | Must always have the value client_credentials |
client_id | App ID generated when creating the PBX app |
client_secret | App Secret generated when creating the PBX app |
Response parameters
Parameter | Description |
|---|---|
access_token | Access token. Used by the PBX application for API requests |
expires_in | The time period, in seconds, during which the token is valid. If an authorization error occurred while using the token, it is recommended to request the token again, even if the time specified in the expires_in field has not yet passed before the token expires |
token_type | The token type is always set to Bearer |
scope | The scope of permissions for the PBX application, is set to all |
Example
curl -L -X POST 'https://<hostname>/oauth/token' \
-H 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'client_id=a80f1e618ddd4d1584e2bd48fd464194' \
--data-urlencode 'client_secret=a2423941f5be408c998d5f7287570990'System response:
{
"access_token": "2jGp74vK7HmBtWq0McR0l2n7eVEJJQ",
"token_type": "Bearer",
"expires_in": 3600,
"scope": "all"
}
← Authorization of Public PBX Applications with User Confirmation