You can obtain an access token by providing the resource owner's username and password as an authorization grant. It requires the base64 encoded string of the
consumer-key:consumer-secret combination. You need to meet the following prerequisites before using the Token API to generate a token.
Please refer to the WSO2 IS documentation for a detailed explanation on this grant type with the use of a sequence diagram.
- A valid user account in the API Store. You can self sign up if it is enabled by an admin.
- A valid consumer key and consumer secret pair. Initially, these keys must be generated through the API Store by clicking Generate Keys on the Production Keys tab of the application.
A running API Gateway instance (typically an API Manager instance should be running). For instructions on API Gateway, see Components.
- If the Key Manager is on a different server than the API Gateway, change the server URL (host and ports) of the Key Manager accordingly in the
<APIKeyManager><ServerURL>element of the
If you have multiple Carbon servers running on the same computer, change the port with an offset to avoid port conflicts.