OAuth

Using OAuth, PrizmDoc Cloud-Hosted can not only authorize a request via the PrizmDoc Cloud-Hosted API key, but also by custom user information. Ultimately, this will allow you to create rules to limit access to various resources.

Available URLs

URL	Description
POST /v1/authTokens	Retrieves an authorization token that can be used to authenticate calls to Accusoft’s hosted services.

POST /v1/authTokens

Retrieves an authorization token that can be used to authenticate calls to Accusoft’s hosted services.

Request

Request Headers

Name	Description
`acs-api-key`	Required {{api-key}}
`Content-Type`	Required application/x-www-form-urlencoded

Request Body

grant_type=client_credentials&scope={client customer user id} {client custom role}

Successful Response

Response Body

Success returns code 200 - OK

Content-Type: application/json
Cache-Control: no-store
Pragma: no-cache

Error Responses

Status Code	JSON errorCode	Description
`400`	`"Bad Request"`	Returned when data is incorrect within body of the request.
`401`	`"Unauthorized"`	Returned when the key provided in the `acs-api-key` is incorrect or missing.

Examples

Request

grant_type=client_credentials&scope={client customer user id} {client custom role}

grant_type=client_credentials&scope=userid:1234 role:admin

Response

Successful Response

{
     "access_token":"{valid access token}",
     "token_type":"acs-oauth",
     "expires_in":{time in seconds},
     "scope":{requested scope} // user:{useridValue} role:{roleValue}
}

{
     "access_token":"PrizmDoc Cloud-Hosted-ACCESS-TOKEN",
     "token_type":"acs-oauth",>
     "expires_in":3600,
     "scope":"userid:1234 role:admin"
}

Error Response

{
     "error":"invalid_request" // error code definitions: https://tools.ietf.org/html/rfc6749#section-5.2
}