Endpoint - OAuthAuthorizationEndpoint

Endpoint that is called to get an access token via OAuth, using client credentials flow and passing in the client id and client secret set in the installation

If an endpoint is set for OAuthAuthorizationEndpoint, a bearer access token will be requested from this using "client_credentials" as a grant type with the client_id and client_secret set on installation. Any scopes set in OAuthScopesRequested will be sent in this request. Once received, this will be included in all calls in the Authorization Header as "Bearer <accesstoken>"

Note this is where OAuth2.0 is set up on the external application, not at Linnworks.

See OAuth for Channel Integrations for more details

Request

POST

form parameters

Field NameTypeDescription
grant_typeStringSet to client_credentials
client_idStringSet to the client id added by the user on installation
client_secretStringSet to the client secret added by the user on installation
scopeStringSet to the OAuthScopesRequested given in the application manifest. Space delimited.

Sample

grant_type=client_credentials&client_id=ABC&client_secret=DEF&scope=read write

Response

Response

Field Name

Type

Description

access_token Required

String

Valid OAuth2 bearer token

token_type
Required

String

Should be set to "bearer".

expires_in
Required

String

Denotes when the access_token expires in seconds.

scope
Required

String

Space delimited string of the granted scopes.

Sample

{
  "access_token": "eyAbcDEfOiJkZWZhdWx0IiwidWxnIjoiUlMyNTYifQ.eyJzdWIiOiJlMj...",
  "token_type": "bearer",
  "expires_in": 7199,
  "scope": "read write"
}