Authentication
The API uses OAuth
2.0 as protocol for authentication. It officially implements the implicit
and password
grant type
implicit
grant
Receive a token
-
Make a GET request to
http://oauth-server/authorize?client_id=web&redirect_uri=http://localhost:4200&response_type=token
- The user will be redirected to the login form where they have to specify their email and password.
- After successful authentication user will be redirected to a previously specified uri (i.e. http://localhost:4200).
Verify a token
curl -X POST \
http://oauth-server/check-token \
-H 'content-type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW' \
-F token=TOKEN_HERE
password
grant
Receive a token
curl -X POST \
http://oauth-server/token \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d 'grant_type=password&username=EMAIL&password=PASSWORD'
Refresh token
curl -X POST \
http://oauth-server/token \
-H 'Content-Type: application/x-www-form-urlencoded' \
-d 'grant_type=refresh_token&refresh_token=REFRESH_TOKEN'