OAuth
Using OAuth, PrizmDoc Cloud can not only authorize a request via the PrizmDoc Cloud API key, but also by custom user information. Ultimately, this will allow you to create rules to limit access to various resources.
Available URLs
URL | Description |
---|---|
POST /v1/authTokens | Retrieves an authorization token that can be used to authenticate calls to PrizmDoc Cloud Services. |
POST /v1/authTokens
Retrieves an authorization token that can be used to authenticate calls to PrizmDoc Cloud Services.
Request
Request Headers
Name | Description |
---|---|
acs-api-key |
Required {{api-key}} |
Content-Type |
Required application/x-www-form-urlencoded |
Request Body
grant_type=client_credentials&scope={client customer user id} {client custom role}
Successful Response
Response Body
Success returns code 200 - OK
Content-Type
: application/jsonCache-Control
: no-storePragma
: no-cache
Error Responses
Status Code | JSON errorCode |
Description |
---|---|---|
400 |
"Bad Request" |
Returned when data is incorrect within body of the request. |
401 |
"Unauthorized" |
Returned when the key provided in the acs-api-key is incorrect or missing. |
Examples
Request
grant_type=client_credentials&scope={client customer user id} {client custom role}
grant_type=client_credentials&scope=userid:1234 role:admin
Response
Successful Response
{
"access_token":"{valid access token}",
"token_type":"acs-oauth",
"expires_in":{time in seconds},
"scope":{requested scope} // user:{useridValue} role:{roleValue}
}
{
"access_token":"PrizmDoc Cloud-Hosted-ACCESS-TOKEN",
"token_type":"acs-oauth",>
"expires_in":3600,
"scope":"userid:1234 role:admin"
}
Error Response
{
"error":"invalid_request" // error code definitions: https://www.rfc-editor.org/rfc/rfc6749.html#section-5.2
}