FAST LOGIN API
Token Endpoint
You can click the file below to
download the Token and UserInfo Endpoint Postman Project:
Token and UserInfo Endpoint Postman Project
Token Endpoint URL: https://hizligiris.com.tr/hizligiris/oauth/token
http method: POST
Header Mandatory Parameters
URI Parameter | Description |
*Authorization | HTTP Basic authorization to access the
API. Base64 encoded String of your
"<client_id>:<client_secret>" (please note, these
are client_id, client_secret value from the discovery
response.) Type: String |
*Content-Type | Describe the format of the "POST" data
that is being sent across. Always set to
"application/x-www-form-urlencoded" Type: String |
Body Mandatory Parameters
URI Parameter | Description |
*code | The "code" parameter you received from the
Authentication Endpoint request's response Type: String |
*grant_type | The type of "code" that is being
submitted. Always set it to "authorization_code" Type: String |
*redirect_uri | Used as an extra level of security. If a
mis-matched redirect_uri is passed in the token request URL(other than the registered in the form),
error will be thrown. Make sure to use the same redirect uri that you used in the Authentication Request URL for the generation of authentication "code" otherwise mis-match error will be thrown. Type: URI |
Response
URI Parameter | Description |
*access_token | OAuth 2.0 access_token, used to get the
UserInfo object from the UserInfo end-point and can be reused
for accessing other protected resources, if required Type: String |
*token_type | The type of token received. In Fast Login
case, it should always be "Bearer" Type: String |
*expires_in | Expiration time in seconds from the time
of generation of the response Type: String |
*id_token | Additional token used in OIDC to provide
the Identity token claim. A Base64URL encoded String, when
decoded contains all the claims in JSON format
|
Sample Token Request via using Postman
Authorization
Header of Request
Key | Value |
*Content-Type | application/x-www-form-urlencoded |
*Accept | text/plain, application/json, application/json, application/*+json, application/*+json, text/plain, */*, */* |
*Access-Control-Allow-Origin | hizligiris.com.tr |
*Authorization | Basic Y2xpZW50OnNlY3JldA== |
- You have to change accunt information that is given in "Authorization", that is an example:
- "Basic" + Base64.encode(username + ":" + password)
Body of Request
Key | Value |
*redirect_uri | https://mylocalhost.com |
*grant_type | authorization_code |
*code | 5a032d59-47f6-4c83-8135-cd38784137db |
Response
- Here is an example of Token Endpoint response
- You can see for parameter details
token response={ "access_token":": "eyJhbGciOiJSUzI1NiJ9.eyJleHAiOjE1NDg3NDcwMTMsImF1ZCI6ImNsaWVudCIsImlzcyI6Imh0dHA6XC9cL2xvY2FsaG9zdDo4MDgwXC9tb2JpbGVjb25uZWN0XC8iLCJqdGkiOiJkNzQ0NTE2OC1hYjE3LTRjZDEtOGQ4NS1hNDM0OTRjNDRhNWYiLCJpYXQiOjE1NDg3NDY4OTN9.ckQZBwbPEpljlhxf6g5BshIwM3bsLdbSrp9XI_Ir8W0YXYtha3dLHSz6PjFKfE1Fx2oAk7_cejhbOEOUVb8niCG3nmlXd3JFS2YIdC8x36E_oWHaudDRnevMfZf6xrkhXaGz9q_NsfuxOsq4Q0mZuNKTTelG3NbprNOaLiHTY18", , "token_type":"Bearer", "expires_in":2591999 , "scope":"phone email openid profile", "id_token":"eyJhbGciOiJSUzI1NiIsImtpZCI6InJzYTEifQ.eyJleHAiOjE1NDg3NDc0OTMsInN1YiI6ImZiNzZhNTI1LTM0YzItNDQwYi05YWZkLTQzYTQyY2JhOGNhNCIsImF6cCI6ImNsaWVudCIsIm5vbmNlIjoiTm9uY2UwLnZkbDRyanVsMmJ0enkyNHduaW1hYnJ6ZnIiLCJhdWQiOlsiY2xpZW50IixudWxsXSwiaXNzIjoiaHR0cDpcL1wvbG9jYWxob3N0OjgwODBcL21vYmlsZWNvbm5lY3RcLyIsImlhdCI6MTU0ODc0Njg5MywiYWNyIjoiMiIsImFtciI6WyJPSyIsIk9UUCJdLCJraWQiOiJyc2ExIn0.ESknUrbDoX17m8OxeaXxVfngDiqus0fC34TCle7skdDUW7g-SgfAJKNCpRVzT_LOdCoXLpEIcQlJ96uaAp4JICbmPIFn0T7I0719tzWL-bbqa4VyMUvPpU1vBouYs9axipJR_sZdhtTbxhGxHXhRRDMI3xVMPttr9CG75q1Igrw" , } } |