Password Grant Authentication
The user enters username and password in the client, and the client application backend calls the unified authentication platform to obtain an Access Token.
Request Description
http
POST https://{your_domain}/api/v1/oauth2/tokenRequest Headers
| Parameter | Name | Required | Example | Description |
|---|---|---|---|---|
| Authorization | Authentication info | Required | Basic UnFCMOWk9xWA== | Use client_id and client_secret for Base64 authentication. Format: base64(client_id:client_secret) |
| Content-Type | Data type | Required | application/x-www-form-urlencoded | Submit parameters using form data. |
Request Example
http
POST https://{your_domain}/api/v1/oauth2/tokenAuthorization: Basic UnFCMkhKdGt6bFU...aT0NObkk4NlNOWk9xWA==
Content-Type: application/x-www-form-urlencoded
username=test&password=123456&grant_type=password
Request Parameters
| Parameter | Name | Required | Example | Description |
|---|---|---|---|---|
| grant_type | Authorization type | Yes | password | password |
| username | Login name | Yes | test | Login name / mobile / email |
| password | Password | Yes | 123456 |
Response Example
Success response example
json
HTTP Status: 200 OK
{
"access_token": "Z43T3KWH9lecmy3H1IaCI...XRmsXaA",
"token_type": "Bearer",
"refresh_token": "WEAFOmOJ-A4LOhF_I39DvJuqxP0...XkFlFA",
"expires_in": 7199,
"scope": "get_user_info"
}Incorrect username or password
json
HTTP Status: 400 Bad Request
{
"error": "invalid_request",
"error_description": "An authorization username must be supplied."
}Incorrect username or password
json
HTTP Status: 400 Bad Request
{
"error": "invalid_grant",
"error_description": "Bad credentials"
}User is locked
json
HTTP Status: 400 Bad Request
{
"error": "invalid_grant",
"error_description": "User is locked"
}User is disabled
json
HTTP Status: 400 Bad Request
{
"error": "invalid_grant",
"error_description": "User is disabled"
}User password has expired
json
HTTP Status: 400 Bad Request
{
"error": "invalid_grant",
"error_description": "Password has expired"
}Application credentials error
json
HTTP Status: 401 UNAUTHORIZED
{
"error": "invalid_client",
"error_description": "Bad client credentials"
}Response Parameters
If the user logs in and authorizes successfully, the authorization token access token is returned.
| Parameter | Name | Required | Description |
|---|---|---|---|
| access_token | Authorization token | 8ab9812c-1076-47f0-9e4a-6d48280ec524 | Authorization token returned by the authorization server to the third-party application; this parameter must be provided for all subsequent API calls. |
| expires_in | Access token validity period | 1500 | Validity period of the access ticket returned by the authorization server to the application. Note: the validity period is in seconds. |
| refresh_token | Refresh token | 92fe3c7a-f8ad-4dc3-b0c4-c0281c1fa560 | |
| token_type | Token type | bearer | |
| scope | Authorization scope | get_user_info |