Authorization of PBX Applications Using the User's Username and Password
- esnata (Unlicensed)
If the PBX application has the password_credentials type, it is possible to authorize this application according to the scheme using the user's username and password.
To get the token, the PBX application must make a POST request to the URL https://<hostname>/oauth/token. The parameters are passed in the request body in the application/x-www-form-urlencoded format.
|
Request parameters
Parameter | Description |
|---|---|
grant_type | Must always have the value password |
client_id | App ID generated when creating the PBX app |
client_secret | App Secret generated when creating the PBX app |
username | The name of the user to authorize the PBX application for |
password | Password of the user to authorize the PBX application for |
Response parameters
Parameter | Description |
|---|---|
access_token | Access token. Used by the PBX application for API requests |
expires_in | The time period, in seconds, during which the token is valid. If an authorization error occurred while using the token, it is recommended to request the token again, even if the time specified in the expires_in field has not yet passed before the token expires |
token_type | The token type is always set to Bearer |
refresh_token | Refresh token, which can be used to regenerate the access token when it has become invalid |
Example
curl -L -X POST 'https://<hostname>/oauth/token' \
-H 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=password' \
--data-urlencode 'client_id=a80f1e618ddd4d4584e2bd18fd464194' \
--data-urlencode 'client_secret=a2423941f5be408c998d5f7287570990' \
--data-urlencode 'username=user_name' \
--data-urlencode 'password=user_password'System response:
{
"access_token": "pyt4ZUcLWc2FP3t10OJUN2N4Xh2qes",
"token_type": "Bearer",
"expires_in": 3600,
"refresh_token": "L40pLFI9hgoРlp0lFHNAvPUt0К9K0С"
}
← Authorization of Trusted PBX Applications API Requests with an Access Token →