Info |
---|
Login using OAuth2.0 is available since MediaHaven version 18.4. It is the preferred way of authenticating for new integrations. |
...
2. Obtaining a token
Client Credentials Grant a.k.a. interactive flow.
Info |
---|
If your app offers a UI, you are required to use this flow |
...
Tip |
---|
It is possible to automatically redirect to an external auth provider (as a means to set-up SSO) by using the |
Tip |
---|
By default the authorization portal will auto-sense the language used by the end-user. Supported languages are nl, fr and en. It is possible to override this auto-sensing by adding the |
If the user clicks the "Authorize" option he will be redirected back to your initially registered Redirect-URL, with the Authorization code as query parameter:
...
To obtain an actual access_token you would make a POST request to the following endpoint, and supply the code
, client_id
, client_secret
and grant_type=authorization_code
parameters
https://integration.mediahaven.com/auth/oauth2/token
...
Below is an example of the request with cURL.
|
If all goes well, you'll receive a status 200 with the following JSON:
|
Warning |
---|
It's also possible a statuscode != 200 is returned. You must take appropriate action. |
...
You make a similar POST request as when requesting the token, but this time you supply the refresh_token
and grant_type=refresh_token
parameters.
Code Block |
---|
curl -X POST https://integration.mediahaven.com/auth/oauth2/token \ --data "grant_type=refresh_token" \ --data "refresh_token=1INOoUzpcFNa2diTVDGg86696mvJkUdZ" \ --data "client_id=882rgLgNTSqwBSnUUbC3qRiUfMGhorzZ" \ --data "client_secret=KwfoaaXUDc6xdQKxBwxvxK55D4wZQ757" |
...
If all goes well, you will get a 200 status code with a new access_token
and refresh_token
. The previous access_token
and refresh_token
will be invalid.
If the response returns a 401 Unauthorized, that means that the refresh_token has expired or your App permissions have been revoked. You would then start the flow back from the beginning.
...