Client Credentials Grant
Use the Client Credentials Grant to authenticate and authorize server-to-server operations
The Client Credentials grant type is typically used for server-to-server API operations. In this scenario, you are not acting as a Smokeball user but a type of “service” that can perform operations on an Account level.
Request an Access Token
Make a POST request to https://auth.smokeball.com/oauth2/token
with the following parameters and headers:
Basic Authentication header containing the client_id
and client_secret
(base64-encoded).
Format: Basic base64(client_id:client_secret)
.
Example: Basic Y2xpZW50X2lkOmNsaWVudF9zZWNyZXQ=
Must be set to application/x-www-form-urlencoded
.
Ensures the request body is properly encoded.
Must be set to client_credentials
for this OAuth2 flow.
Indicates the request is for client credentials grant.
The client identifier that has been issued.
Used to authenticate the client making the request.
The Authorization header must be the string “Basic” followed by your client_id and client_secret with a colon : in between, Base64 Encoded. For example, client_id:client_secret is Y2xpZW50X2lkOmNsaWVudF9zZWNyZXQ=
Sample Response
See AWS Cognito Token Endpoint Documentation for more information
See Making Requests - Server-to-Server requests for details on using Client Credentials.