OAuth
Using OAuth, PrizmDoc Cloud can not only authorize a request via the PrizmDoc Cloud API key, but also by custom user information. Ultimately, this will allow you to create rules to limit access to various resources.
Available URLs
| URL | Description |
|---|---|
| POST /v1/authTokens | Retrieves an authorization token that can be used to authenticate calls to PrizmDoc Cloud Services. |
POST /v1/authTokens
Retrieves an authorization token that can be used to authenticate calls to PrizmDoc Cloud Services.
Request
Request Headers
| Name | Description |
|---|---|
acs-api-key |
Required {{api-key}} |
Content-Type |
Required application/x-www-form-urlencoded |
Request Body
grant_type=client_credentials&scope={client customer user id} {client custom role}
Successful Response
Response Body
Success returns code 200 - OK
Content-Type: application/jsonCache-Control: no-storePragma: no-cache
Error Responses
| Status Code | JSON errorCode |
Description |
|---|---|---|
400 |
"Bad Request" |
Returned when data is incorrect within body of the request. |
401 |
"Unauthorized" |
Returned when the key provided in the acs-api-key is incorrect or missing. |
Examples
Request
grant_type=client_credentials&scope={client customer user id} {client custom role}
grant_type=client_credentials&scope=userid:1234 role:admin
Response
Successful Response
{
"access_token": "{valid access token}",
"token_type": "acs-oauth",
"expires_in": {time in seconds},
"scope": {requested scope} // user:{useridValue} role:{roleValue}
}
{
"access_token": "PrizmDoc Cloud-Hosted-ACCESS-TOKEN",
"token_type": "acs-oauth",
"expires_in": 3600,
"scope": "userid:1234 role:admin"
}
Error Response
{
"error": "invalid_request" // error code definitions: https://www.rfc-editor.org/rfc/rfc6749.html#section-5.2
}