Get an access_token

Endpoint

POST https://[idpurl]/connect/token

Authentication

Use Basic Authentication with your client credentials:

Authorization: Basic base64(client_id:client_secret)

Request Parameters (application/x-www-form-urlencoded)

ParameterValueDescription
grant_typeclient_credentialsOAuth2 flow type
scope[scope you received, default=public]Requested scope

cURL Example

curl -X POST "https://[idpurl]/connect/token" \
  -H "Authorization: Basic BASE64_ENCODED_CLIENTID_SECRET" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "grant_type=client_credentials&scope=public"

PowerShell Example

$clientId = "your_client_id"
$clientSecret = "your_client_secret"
$pair = "$clientId`:$clientSecret"
$encoded = [Convert]::ToBase64String([Text.Encoding]::ASCII.GetBytes($pair))

$headers = @{
    Authorization = "Basic $encoded"
}

$body = @{
    grant_type = "client_credentials"
    scope      = "public"
}

$response = Invoke-RestMethod -Method Post `
    -Uri "https://[idpurl]/connect/token" `
    -Headers $headers `
    -Body $body `
    -ContentType "application/x-www-form-urlencoded"

$response

Expected Response

{
  "access_token": "eyJhbGciOiJSUzI1NiIs...",
  "expires_in": 3600,
  "token_type": "Bearer",
  "scope": "public"
}

Notes

  • The Authorization header must be Base64-encoded
    • Content-Type must be: application/x-www-form-urlencoded