Get an Authorization Code

Endpoint URL: {registrationDomain} /access/getAuthorizationCode

Returns an authorization code that can be exchanged for an access token and a refresh token. For a video demo in Postman, click here.

This endpoint supports the following methods:

POST

POST

API Client Permissions

The following table indicates the API clients that can (and the API clients that can't) be used to call this endpoint:

owner	access_issuer	direct_access	direct_read_access	login_client
Yes	Yes	Yes	No	No

Authentication

This endpoint supports both Basic authentication (recommended) and janrain-signed authentication.

How to Create an Authentication String

Base URL

The base URL for this endpoint is your Identity Cloud Capture domain; for example:

https://educationcenter.us- dev.janraincapture.com

Your Capture domains (also known as Registration domains) can be found in the Console on the Manage Application page:

Examples

Example Request

This command returns an authorization code for the user with the ID 11521.


curl -X POST \
  -H "Authorization: Basic dXQ0YmdycmE3dzI4MmpjZm15cGZxeDlwemhxaGpqMmI6dW5qemU5bndrZnV5NmpwdzgzOHFwYTdhZDNoZG55YTY="\
  --data-urlencode redirect_uri=http://documentation.janraincapture.com/oauth \
  --data-urlencode id=11521 \
  --data-urlencode type_name=user \
  https://my-app.janraincapture.com/access/getAuthorizationCode

Running this command in Postman

Query Parameters

Parameter	Type	Required	Description
uuid	string	No	UUID of the user account. This parameter is required unless you are using either the id parameter or the key_attribute parameter.
id	string	No	ID of the user account. This parameter is required unless you are using either the uuid parameter or the key_attribute parameter.
key_attribute	string	No	Unique attribute found in the user account schema. This parameter is required unless you are using either the id parameter or the uuid parameter.
key_value	string	No	Value assigned to the key_attribute parameter.
redirect_uri	string	No	Token exchange URL.
type_name	string	Yes	Name of the entityType.
transaction_state	string	No	JSON object that will be associated with the authorization code and returned when it is exchanged for an access_token and a refresh token. You determine what data is returned.
lifetime	string	No	Number of seconds for which the code is valid. The default is 30 seconds.
for_client_id	string	Yes	Client ID of the API client being used to retrieve an authorization code.

Responses

200 OK

Response Example (application/json)


{
  "authorizationCode": "12345678912345",
  "stat": "ok"
}

How to Create an Authentication String

To create an authentication string, combine your API client ID, a colon (:), and your client secret into a single value. For example, if your client ID is abcdefg and your client secret is hijklmnop, that value would look like this:

abcdefg:hijklmnop

Next, take the string and base64 encode it. For example, on a Mac, you can base encode the string using this command:

echo -n "abcdefg:hijklmnop" | base64

If you’re running Microsoft Windows, you can encode the string by using a Windows PowerShell command similar to this:

[Convert]::ToBase64String([System.Text.Encoding]::UTF8.GetBytes("abcdefg:hijklmn"))

The resulting value (e.g., YWJjZGVmZzpoaWprbG1ub3A=) should be used in your authentication header.

If you are making API calls using Postman, select Basic Auth as your identification type, then use the client ID as the username and the client secret as the password.

Before you actually try your authentication string, make sure that your API client has the all the permissions (for example, the right to read user profile information) needed to complete the API call.

Endpoint URL: {registrationDomain} /access/getAuthorizationCode

POST

Running this Command in Postman

How to Create an Authentication String

Rate this Article