Endpoint - OAuthAuthorizationEndpoint

Endpoint that is called to get an access token via OAuth, using client credentials flow and passing in the client id and client secret set in the installation

If an endpoint is set for OAuthAuthorizationEndpoint, a bearer access token will be requested from this using "client_credentials" as a grant type with the client_id and client_secret set on installation. Any scopes set in OAuthScopesRequested will be sent in this request. Once received, this will be included in all calls in the Authorization Header as "Bearer <accesstoken>"

Note this is where OAuth2.0 is set up on the external application, not at Linnworks.

See OAuth for Channel Integrations for more details

Request

POST

`form parameters`

Field Name	Type	Description
grant_type	`String`	Set to client_credentials
client_id	`String`	Set to the client id added by the user on installation
client_secret	`String`	Set to the client secret added by the user on installation
scope	`String`	Set to the OAuthScopesRequested given in the application manifest. Space delimited.

Sample

grant_type=client_credentials&client_id=ABC&client_secret=DEF&scope=read write

Response

`Response`

Field Name	Type	Description
access_token Required	`String`	Valid OAuth2 bearer token
token_type Required	`String`	Should be set to "bearer".
expires_in Required	`String`	Denotes when the access_token expires in seconds.
scope Required	`String`	Space delimited string of the granted scopes.

Sample

{
  "access_token": "eyAbcDEfOiJkZWZhdWx0IiwidWxnIjoiUlMyNTYifQ.eyJzdWIiOiJlMj...",
  "token_type": "bearer",
  "expires_in": 7199,
  "scope": "read write"
}

Updated 8 days ago

What’s Next

OAuth for Channel Integrations