Access token fetch APIs
All Hybrid Connector Configuration Gateway API calls require an access token to authenticate the requester and authorize its use of the API. The access token must be renewed every five minutes and requires a service principal with a Client ID and Client Secret unique to each environment and system. The Client ID and Secret can be used for all tenants in a given environment. Client IDs and Secrets may be obtained upon request.
Variables
| Variable | Description |
|---|---|
| client_id | Client ID for the service principal provided by the core services team. |
| client_secret | Client Secret for the service principal provided by the core services team. |
| grant_type | Always set to 'client_credentials'. |
| scope | Always set to 'ICSP'. |
Sample cURL Request
curl --location --request POST 'https://idenserver.itrontotal.com/connect/token'
--header 'Content-Type: application/x-www-form-urlencoded'
--data-urlencode 'client_id={client_id}'
--data-urlencode 'client_secret={client_secret}'
--data-urlencode 'grant_type=client_credentials'
--data-urlencode 'scope=ICSP'
Sample JSON Response
{
"access_token": "eyJhbGciOiJSUz",
"expires_in": 3600,
"token_type": "Bearer",
"scope": "ICSP"
}