Generating Authorization Tokens

The tabs below walk through the settings and information needed to use the Password Grant and Client Credentials Grant functions so that you may successfully send API requests to the Toku APIs, and receive responses from the Toku API service.

OAuth2 Token API

The general structure of the URL to access to the OAuth2 Token API is:

https://[API-Gateway-Domain]/token

The production Oauth2 Token API is accessible from the following URL:

https://caasapi.tokuworld.com/token

Generating Authorization Tokens

You will need to generate access tokens to be sent in the headers of your API requests, when using Toku APIs.

Once your Toku API Account is set up you will receive Username and Password, as well as a Consumer Key and Consumer Secret to use when requesting Access Tokens.

Password Grant

Parameters

Name Location Description Required Schema
Authorization header Basic Base64 Yes string
grant_type query grant_type=password Yes string
username query Account Username Yes string
password query Login password Yes string

Responses

Code Description
200 Success

Sample:

{
	"access_token":"[YOUR-VALID-ACCESS-TOKEN]",
	"refresh_token":"[A-VALID-REFRESH-TOKEN]",
	"scope":"default",
	"token_type":"Bearer",
	"expires_in":3600
}
Password Grant Samples

The following cURL command shows how to generate an Access Token using the “Password Grant” header type.

curl -k -d "grant_type=password&username=Username&password=Password" \
	    -H "Authorization: Basic Base64(consumer-key:consumer-secret)" \
	     https://caasapi.tokuworld.com/token

Where your account Username and Password are substituted into the statement

-d "grant_typepassword&username=YOUR_USERNAME&password=YOUR_PASSWORD" \

And the Consumer Key and Consumer Secret supplied to you are included in the line:

-H "Authorization: Basic Base64(consumer-key:consumer-secret)" 

You can also generate an access token using the “Client Credential” grant type.

Client Credentials Grant

Name Location Description Required Schema
Authorization header Basic Base64 Yes string
grant_type query grant_type=client_credentials Yes string

Responses

Code Description
200 Success

Sample:

{
	"access_token":"[YOUR-VALID-ACCESS-TOKEN",
	"scope":"am_application_scope default",
	"token_type":"Bearer",
	"expires_in":3600
}
Client Credentials Grant Samples
curl -k -d "grant_type=client_credentials" \
        -H "Authorization: Basic Base64(consumer-key:consumer-secret)" \
         https://caasapi.toku.co/token