Authorization Service API

| Method | URI | Description |
|---|---|---|
| POST | /oauth/token | Obtain an access token (access_token) for API authorization |

Obtaining an Access Token

POST /oauth/token

Method Description

This method is designed to obtain an access token (access_token), which is used to authorize all subsequent requests to the Brainysoft API. The token is issued based on ClientApp credentials (client_id and client_secret) created in the authorization service.

Prerequisites.

Important - before using this method, you must complete the following steps:

  1. Create a new user in the authorization service:
    • Be sure to add GrantType client_credentials in the "Authorization" section.
    • The "ClientApp active" toggle must be enabled.
  2. Save the credentials:
    • After creating the ClientApp, save the client_id (login) and client_secret (password).
    • These data are displayed only once in the notification after creation.

Parameters can be passed in two ways:

  1. Query Parameters (in URL).
  2. Body (in request body, Content-Type: application/x-www-form-urlencoded).

| Parameter | Type | Required | Description |
|---|---|---|---|
| grant_type | string | Yes | Authorization type. Must be client_credentials |
| client_id | string | Yes | Client identifier (login obtained when creating ClientApp). |
| client_secret | string | Yes | Client secret key (password obtained when creating ClientApp). |

Example 1: cURL, Query Parameters

```bash
curl --location --request POST 'https://{customer-key}-auth.brainysoft.ru/oauth/token?grant_type=client_credentials&client_id=f81f7fb9-****-****-****-*********&client_secret=6jsHY5********************'
```

Example 2: cURL, Body

```bash
curl -X POST "https://{customer-key}-auth.brainysoft.ru/oauth/token" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "grant_type=client_credentials" \
  -d "client_id=f81f7fb9-****-****-****-*********" \
  -d "client_secret=6jsHY5********************"
```

Note:

  • Use the client_id and client_secret values obtained when creating the ClientApp.
  • Replace {customer-key} with the actual customer-key.

Response Example:

```json
{
  "access_token": "....",         // Access token.
  "token_type": "Bearer",         // Token type.
  "expires_in": 299,              // Token lifetime in seconds. 299 seconds = 5 minutes.
  "scope": "core_basic admin:read admin:write account:read account:write account:pswrd account:totp admin_1:read admin_1:write",  // List of permissions (scopes) granted to the token. Separated by spaces.
  "sessid": "d7222674-bc8a-4db9-aa44-a9206cada8df"  // Session identifier.
}
```

Important:

  • Save the access_token — it will be needed for all subsequent API requests.
  • Use the token in the header: Authorization: Bearer {access_token}.
  • The token is valid only for the time specified in expires_in.
  • After the token expires, you must obtain a new token.
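
The token handling described above, as an added example (not Brainysoft's own code): a small client that sends the credentials in the request body, since request URLs are commonly recorded in access and proxy logs, caches the token, and renews it shortly before expires_in runs out. The names TokenProvider and _post_form, the 30-second skew, and the injectable post and clock parameters are assumptions made for this illustration.

```python
import json
import time
import urllib.parse
import urllib.request


def _post_form(url, form):
    """POST the fields as application/x-www-form-urlencoded and parse the JSON reply."""
    req = urllib.request.Request(
        url,
        data=urllib.parse.urlencode(form).encode(),
        headers={"Content-Type": "application/x-www-form-urlencoded"},
        method="POST",
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)


class TokenProvider:
    """Caches the access token and renews it shortly before expires_in runs out."""

    def __init__(self, token_url, client_id, client_secret, skew=30,
                 post=_post_form, clock=time.monotonic):
        if not token_url.startswith("https://") or "?" in token_url:
            raise ValueError("token URL must be HTTPS and carry no query string")
        self._url, self._id, self._secret = token_url, client_id, client_secret
        self._skew, self._post, self._clock = skew, post, clock
        self._token, self._renew_at = None, 0.0

    def __repr__(self):  # keep the secret out of logs and tracebacks
        return f"TokenProvider(url={self._url!r}, client_id={self._id!r})"

    def token(self):
        now = self._clock()
        if self._token is None or now >= self._renew_at:
            reply = self._post(self._url, {
                "grant_type": "client_credentials",
                "client_id": self._id,
                "client_secret": self._secret,  # sent in the body, never in the URL
            })
            if str(reply.get("token_type", "")).lower() != "bearer" or not reply.get("access_token"):
                raise RuntimeError("token endpoint returned an unexpected response")
            self._token = reply["access_token"]
            # Renew `skew` seconds early so a request never leaves with a stale token.
            self._renew_at = now + max(int(reply.get("expires_in", 0)) - self._skew, 0)
        return self._token

    def auth_header(self):
        return {"Authorization": f"Bearer {self.token()}"}
```

Construct it once per process with the token URL for your customer-key and merge auth_header() into each API request; with expires_in of 299 and the default skew, a new token is requested after 269 seconds.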