Endpoint - OAuthAuthorizationEndpoint

Endpoint that is called to get an access token via OAuth, using client credentials flow and passing in the client id and client secret set in the installation

If an endpoint is set for OAuthAuthorizationEndpoint, a bearer access token will be requested from this using "client_credentials" as a grant type with the client_id and client_secret set on installation. Any scopes set in OAuthScopesRequested will be sent in this request. Once received, this will be included in all calls in the Authorization Header as "Bearer "

Note this is where OAuth2.0 is set up on the external application, not at Linnworks.

See OAuth for Channel Integrations for more details

Request

POST

form parameters

Field NameTypeDescription
grant_typeStringSet to client_credentials
client_idStringSet to the client id added by the user on installation
client_secretStringSet to the client secret added by the user on installation
scopeStringSet to the OAuthScopesRequested given in the application manifest. Space delimited.

Sample

grant_type=client_credentials&client_id=ABC&client_secret=DEF&scope=read write

Response

Response

Field NameTypeDescription
access_tokenStringValid OAuth2 bearer token
token_typeStringShould be set to "bearer".
expires_inStringDenotes when the access_token expires in seconds.
scopeStringSpace delimited string of the granted scopes.

Sample

{
  "access_token": "eyAbcDEfOiJkZWZhdWx0IiwidWxnIjoiUlMyNTYifQ.eyJzdWIiOiJlMj...",
  "token_type": "bearer",
  "expires_in": 7199,
  "scope": "read write"
}