Client Authorization
Interaction of the service requires client authorization. The client authorization is made via the OAuth 2.0 protocol.
To get a token, you should send a POST request (x-www-form-urlencoded) to URL:
Environment | URL |
testing | |
production |
Valuable parameters and their possible values:
grant_type: type of authentication, available value: client_credentials;
client_id: client identifier, equal to Account;
client_secret: client's secret key, equal to Secure password.
In response to the access request, the following information will be returned:
access_token: jwt-token;
token_type: token type (always takes value "bearer");
expires_in: lifetime of the token (default value: 3,600 seconds);
scope: scope of the token (access to and operations with objects);
jti: unique identifier of the token.
Then, when the user refers to the service methods, the received token is transmitted in the request header in the following form: |
Sample Request:
KEY | VALUE |
grant_type | client_credentials |
client_id | wqGwiQx0gg8mLtiEKsUinjVSICCjtTEP |
client_secret | RmAmgvSgSl1yirlz9QupbzOJVqhCxcP5 |
{ "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzY29wZSI6WyJvcmRlcjphbGw...", "token_type": "bearer", "expires_in": 3599, "scope": "order:all payment:all", "jti": "9adca50a-..." } |
© 2000—2024, Курьерская компания СДЭК