PrizmDoc v13.2 - Updated
OAuth
API Reference > PrizmDoc Cloud-Hosted API > OAuth

OAuth

Using OAuth, PrizmDoc Cloud-Hosted can not only authorize a request via the PrizmDoc Cloud-Hosted API key, but also by custom user information. Ultimately, this will allow you to create rules to limit access to various resources.

Available URLs

URL Description
POST /v1/authTokens Retrieves an authorization token that can be used to authenticate calls to Accusoft’s hosted services.

POST /v1/authTokens

Retrieves an authorization token that can be used to authenticate calls to Accusoft’s hosted services.

Request

Request Headers

Name Description
acs-api-key Required {{api-key}}
Content-Type Required application/x-www-form-urlencoded

Request Body

grant_type=client_credentials&scope={client customer user id} {client custom role}

Successful Response

Response Body

Success returns code 200 - OK

Error Responses

Status Code JSON errorCode Description
400 "Bad Request" Returned when data is incorrect within body of the request.
401 "Unauthorized" Returned when the key provided in the acs-api-key is incorrect or missing.

Examples

Request

grant_type=client_credentials&scope={client customer user id} {client custom role}

grant_type=client_credentials&scope=userid:1234 role:admin

Response

Successful Response

{
     "access_token":"{valid access token}",
     "token_type":"acs-oauth",
     "expires_in":{time in seconds},
     "scope":{requested scope} // user:{useridValue} role:{roleValue}
}

{
     "access_token":"PrizmDoc Cloud-Hosted-ACCESS-TOKEN",
     "token_type":"acs-oauth",>
     "expires_in":3600,
     "scope":"userid:1234 role:admin"
}

Error Response

{
     "error":"invalid_request" // error code definitions: https://tools.ietf.org/html/rfc6749#section-5.2
}