Tokens REST API | ObjectsGrid

Create a new Access Token for an User Account

post

Header parameters

X-ObjectsGrid-AccessPointstring · enumRequired

EU or US depending on where your Organization Account is located

Possible values:

Body

grant_typestring · enumRequired

OAuth2 required attribute, do not change the 'urn:ietf:params:oauth:grant-type:token-exchange' value

Possible values:

subject_tokenstringRequired

Your ID Token that you obtained from the external Identity Provider (Google, Facebook, Okta)

subject_token_typestring · enumRequired

OAuth2 required attribute, do not change the 'urn:ietf:params:oauth:token-type:id_token' value

Possible values:

client_idstringRequired

Your Organization Account ID. The attribute name 'client_id' is required for OAuth2 standard compliance, but for this use case it really is organization account id.

Responses

201

Successfully created the organization account

application/json

400

Bad request

application/json

401

Unauthorized

application/json

427

Too Many Requests

application/json

500

Internal server error

application/json

post

POST /oauth2/token/useraccount HTTP/1.1
Host: apis.objectsgrid.com
X-ObjectsGrid-AccessPoint: EU
Content-Type: application/json
Accept: */*
Content-Length: 171

{
  "grant_type": "urn:ietf:params:oauth:grant-type:token-exchange",
  "subject_token": "text",
  "subject_token_type": "urn:ietf:params:oauth:token-type:id_token",
  "client_id": "text"
}

{
  "access_token": "text",
  "token_type": "text",
  "expires_in": 1,
  "refresh_token": "text"
}

Create a new Access Token for a Service Account

post

Authorizations

Header parameters

X-ObjectsGrid-AccessPointstring · enumRequired

EU or US depending on where your Organization Account is located

Possible values:

Body

grant_typestring · enumRequired

OAuth2 required attribute, do not change the 'client_credentials' value

Possible values:

Responses

201

Successfully created the organization account

application/json

400

Bad request

application/json

401

Unauthorized

application/json

427

Too Many Requests

application/json

500

Internal server error

application/json

post

POST /oauth2/token/serviceaccount HTTP/1.1
Host: apis.objectsgrid.com
Authorization: Basic username:password
X-ObjectsGrid-AccessPoint: EU
Content-Type: application/json
Accept: */*
Content-Length: 35

{
  "grant_type": "client_credentials"
}

{
  "access_token": "text",
  "token_type": "text",
  "expires_in": 1,
  "refresh_token": "text"
}

Create a new Access Token for an Anonymous Account

post

Authorizations

Header parameters

X-ObjectsGrid-AccessPointstring · enumRequired

EU or US depending on where your Organization Account is located

Possible values:

Body

grant_typestring · enumRequired

OAuth2 required attribute, do not change the 'client_credentials' value

Possible values:

Responses

201

Successfully created the organization account

application/json

400

Bad request

application/json

401

Unauthorized

application/json

427

Too Many Requests

application/json

500

Internal server error

application/json

post

POST /oauth2/token/anonymous HTTP/1.1
Host: apis.objectsgrid.com
Authorization: Basic username:password
X-ObjectsGrid-AccessPoint: EU
Content-Type: application/json
Accept: */*
Content-Length: 35

{
  "grant_type": "client_credentials"
}

{
  "access_token": "text",
  "token_type": "text",
  "expires_in": 1,
  "refresh_token": "text"
}

Refresh Access Token using a Refresh Token

post

Authorizations

Header parameters

X-ObjectsGrid-AccessPointstring · enumRequired

EU or US depending on where your Organization Account is located

Possible values:

Body

refresh_tokenstringRequired

The refresh token you previously obtained in a Create Access Token request

grant_typestring · enumRequired

OAuth2 required attribute, do not change the 'refresh_token' value

Possible values:

Responses

201

Successfully refreshed token

application/json

400

Bad request

application/json

401

Unauthorized

application/json

427

Too Many Requests

application/json

500

Internal server error

application/json

post

POST /oauth2/token/refresh HTTP/1.1
Host: apis.objectsgrid.com
Authorization: Bearer Bearer JWT
X-ObjectsGrid-AccessPoint: EU
Content-Type: application/json
Accept: */*
Content-Length: 53

{
  "refresh_token": "text",
  "grant_type": "refresh_token"
}

{
  "access_token": "text",
  "token_type": "text",
  "expires_in": 1,
  "refresh_token": "text"
}

Revoke a Refresh Token (Administrators only)

post

Authorizations

Header parameters

X-ObjectsGrid-AccessPointstring · enumRequired

EU or US depending on where your Organization Account is located

Possible values:

Body

tokenstringRequired

The refresh token to revoke

token_type_hintstring · enumRequired

OAuth2 required attribute, do not change the 'refresh_token' value

Possible values:

Responses

200

Successfully revoked token or token already revoked. No response body returned.

400

Bad request

application/json

401

Unauthorized

application/json

427

Too Many Requests

application/json

500

Internal server error

application/json

post

POST /oauth2/token/revoke HTTP/1.1
Host: apis.objectsgrid.com
Authorization: Bearer Bearer JWT
X-ObjectsGrid-AccessPoint: EU
Content-Type: application/json
Accept: */*
Content-Length: 50

{
  "token": "text",
  "token_type_hint": "refresh_token"
}

No content