Client Credentials Flow [VF 21.3 IG]
OpenID Connect client credentials flow is used for authenticating via the backend services. As such, no user interaction is required in order to perform operations via the Web API.
Obtaining token via Token Endpoint
Obtaining an access token is made possible by following the endpoint below when using the client credentials flow:
Endpoint for Obtaining Access Token via Client Credentials Flow |
|
We recommend to use an OIDC-compliant client library instead of directly interacting with this endpoint. The OIDC discovery endpoint is available under {{authServiceEndpoint}}/.well-known/openid-configuration
.
The POST request must contain the following data:
POST Request
Headers:
ContentType: application/x-www-form-urlencoded
Accept: application/json
Body (x-www-form-urlencoded):
grant_type: client_credentials
scope: api1
client_id: {{client_id}}
client_secret: {{client_secret}}
This returns the following access token (example).
EXAMPLE Returned Access Token
{
"access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6IjRhQUFtWVdVWFJHU2pIUWk5RzVLcHdoclU4TSIsImtpZCI6IjRhQUFtWVdVWFJHU2pIUWk5RzVLcHdoclU4TSJ9.eyJpc3MiOiJodHRwOi8vQVNZREVDR05OQjAwMTUyOjE5MDgxL0ludGVncmF0aW9ucy9BdXRoZW50aWNhdGlvbi9jb3JlIiwiYXVkIjoiaHR0cDovL0FTWURFQ0dOTkIwMDE1MjoxOTA4MS9JbnRlZ3JhdGlvbnMvQXV0aGVudGljYXRpb24vY29yZS9yZXNvdXJjZXMiLCJleHAiOjE1MjM0NTMxMTc-sIm5iZiI6MTUyMzQ0OTUxNywiY2xpZW50X2lkIjoibWV0YWRhdGFfYWdlbnQiLCJzY29wZSI6ImFwaTEifQ.AHDkPuOAmYqmcf45glQtdGW-Ygl_WJu8lUO4QyHHStMtkJwGXrqpAJiaA8sSndIvR7y7KGVGFUvwJaEETsV9E-hClPVn-Vh-CNZt4b7sEftwOenCdfGDKq4c0hF9eZqcHMecevJbnYcemT0QPTb0Q5cHz-c91ZHN3qIummdK3fcq6c2Brzzqw_kP3c7xbfd4oJo3klQyAIc89SnC4qjAgUXXPPEBRdaseH2kFGyCActpOd8CR7wmKQwHH6JEqNtD6MDKFbXAhP3Um8NrFnt2tbxp8_WcP1UhMqFAqjpXSdl3OActrM3tO_7UBdu4DFQigDUqEj-kCmNZRNxPLv6DmQ",
"expires_in": 3600,
"token_type": "Bearer"
}
Obtaining token via Libraries
For many programming languages or frameworks there are OIDC client libraries available that can be used to connect directly to VidiFlow Authentication Service to obtain the token. Examples are listed below:
Please refer to each libraries documentation on how to obtain the respective access token.