API version:
POST /oauth/token
Request an Access Token
Requesting an Access Token:
Once an authorization code is obtained, it can be exchanged for an access token. Access tokens expire after two hours but can be re-issued by using the refresh token.
If successfull the access token can be used in subsequent requests to the api. This can be accomplished by including in the header of the request or as a query parameter.
Supported Formats
jsonErrors
Code | Description | Metadata |
---|---|---|
403 | Forbidden | - OAuth2 Error |
Examples
Creating a new OAuth2 Token POST application/x-www-form-urlencoded: curl -F grant_type=authorization_code \ -F client_id=CLIENT_ID \ -F client_secret=CLIENT_SECRET \ -F code=AUTHORIZATION_CODE_FROM_REDIRECT \ -F redirect_uri=REDIRECT_URI \ -X POST https://api.rightsignature.com/oauth/token RESPONSE: { "access_token": ACCESS_TOKEN, "token_type": "bearer", "expires_in": 7200, "refresh_token": REFRESH_TOKEN, "scope": "read", "created_at": 1734566421 } ================================================================================ Refreshing an existing OAuth2 Token POST application/x-www-form-urlencoded: curl -F grant_type=refresh_token \ -F refresh_token=REFRESH_TOKEN \ -F client_id=CLIENT_ID \ -F client_secret=CLIENT_SECRET -X POST https://api.rightsignature.com/oauth/token RESPONSE: { "access_token": ACCESS_TOKEN, "token_type": "bearer", "expires_in": 7200, "refresh_token": REFRESH_TOKEN, "scope": "read", "created_at": 1734566421 }
HEADER: curl --header "Authorization: Bearer a503faf9-45b5-4fec-8334-337284a66ea4" https://api.rightsignature.com/public/v1/documents/12345678 QUERY PARAMETER: curl https://api.rightsignature.com/public/v1/documents/12345678?access_token=a503faf9-45b5-4fec-8334-337284a66ea4
Params
Param name | Description |
---|---|
client_id required |
The API Key's Client ID Validations:
|
client_secret required |
The API Key's Client Secret Validations:
|
redirect_uri required |
The API Key's redirect uri that was used in the authorization grant request Validations:
|
code required |
The code that was included as a param in the redirect after authorizing Validations:
|