Get client access token

Request

Retrieve an access token to authorize your API request. By default, the access token is valid for 1 hour, you don't need to regenerate it every time before calling Mosaic APIs.

NOTE: The request type and examples depend on the service you choose

Bodyapplication/x-www-form-urlencodedrequired

One of:

client_idstringrequired

Client identifier

Example: "YOUR_CLIENT_ID"

client_secretstringrequired

Client secret

Example: "YOUR_CLIENT_SECRET"

grant_typestringrequired

Should be set to client_credentials.

Value"client_credentials"

Example: "client_credentials"

resourcestring

URI of the resource the request is attempting to access.

Value"https://verify.identity.security"

Example: "https://verify.identity.security"

curl -i -X POST \
  https://api.sbx.transmitsecurity.io/oidc/token \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d client_id=YOUR_CLIENT_ID \
  -d client_secret=YOUR_CLIENT_SECRET \
  -d grant_type=client_credentials \
  -d resource=https://verify.identity.security

Responses

Access token successfully retrieved

Bodyapplication/json

access_tokenstringrequired

The access token issued by the authorization server

token_typestringrequired

Returned as Bearer

Example: "Bearer"

expires_inintegerrequired

Expiration time of the access token in seconds

Default 3600

Example: 3600

scopestringrequired

Scope of the access token

Response

application/json

{
  "access_token": "string",
  "token_type": "Bearer",
  "expires_in": 3600,
  "scope": "string"
}

Authorization