Client credentials can be used when the authorization scope is limited to the protected resources belonging to the client. Client credentials are used as an authorization grant when the client requests access to protected resources based on an authorization previously arranged with the authorization server. The client application requests an access token from the authorization server, authenticating the request with its client key and client secret. If the client is successfully authenticated, an access token is returned.
Invoking the Token API to generate the tokens
- Obtain a valid consumer key and consumer secret pair. Initially, you generate these keys through the API Store by clicking Generate Keys in the Production Keys tab of the application.
- Combine the consumer key and consumer secret key in the format
consumer-key:consumer-secretand encode the combined string using base64 (http://base64encode.org).
Use the following sample cuRL command to obtain the access token.
You receive a response similar to the following: