Skip to content

Latest commit

 

History

History
27 lines (23 loc) · 1.6 KB

134_client-credentials-flow.md

File metadata and controls

27 lines (23 loc) · 1.6 KB

Client Credentials Flow

RFC reference

flow

  • Get tokens using Client Credentials Flow. 
    curl --location --request POST 'http://localhost:8080/services/oauth2/{organization-id}/{project-id}/token?grant_type=client_credentials&scope={scopes}&client_id={id}&client_secret={secret}' \
--header 'Content-Type: application/x-www-form-urlencoded'
  1. Client application sends POST request above with client credentials.
  2. iam-service verifies organization / project, client credentials.
  3. iam-service issues tokens if verification above is successful.
  4. tokens are provided to client application.
  5. Token Verification process, back channel.
  6. client application use access_token to access resources.
  7. Refresh Tokens flow.

Test in Postman or Insomnia

Name Value
Grant Type Client Credentials
Access Token URL http://localhost:8080/services/oauth2/iam-admins/iam-admins/token
Client ID admin-client
Client Secret top-secret
Scope ""