Authorization Server OAuth 2.0 Token Service: Overview

Provides operations for performing activities relating to the OAuth 2.0 Provider’s token endpoint.

Calls to this service are always initiated by the application, never by the resource owner. Since the token endpoint is only used in two-legged scenarios, these operations are only used by two-legged grant types (Client Credentials and Resource Owner Password Credentials).

Note: In the token endpoint there is a grant_type parameter that uses the value of refresh_token when obtaining an access token using a refresh token. This is per the OAuth specification:

URL: https://{oauth-provider-url}/oauth/oauth20

Action Endpoint Description
get token (GET) GET /oauth/oauth20/token Returns an OAuth 2.0 token using HTTP GET.
get token (POST) POST /oauth/oauth20/token Returns an OAuth 2.0 token using HTTP POST.

Back to top

Related Topics