PrizmDoc Viewer v13.5 - Updated
OAuth
API Reference > Cloud Authentication > OAuth

OAuth

Using OAuth, PrizmDoc Cloud can not only authorize a request via the PrizmDoc Cloud API key, but also by custom user information. Ultimately, this will allow you to create rules to limit access to various resources.

Available URLs

URL Description
POST /v1/authTokens Retrieves an authorization token that can be used to authenticate calls to PrizmDoc Cloud Services.

POST /v1/authTokens

Retrieves an authorization token that can be used to authenticate calls to PrizmDoc Cloud Services.

Request

Request Headers

Name Description
acs-api-key Required {{api-key}}
Content-Type Required application/x-www-form-urlencoded

Request Body

grant_type=client_credentials&scope={client customer user id} {client custom role}

Successful Response

Response Body

Success returns code 200 - OK

Error Responses

Status Code JSON errorCode Description
400 "Bad Request" Returned when data is incorrect within body of the request.
401 "Unauthorized" Returned when the key provided in the acs-api-key is incorrect or missing.

Examples

Request

grant_type=client_credentials&scope={client customer user id} {client custom role}

grant_type=client_credentials&scope=userid:1234 role:admin

Response

Successful Response

{
     "access_token":"{valid access token}",
     "token_type":"acs-oauth",
     "expires_in":{time in seconds},
     "scope":{requested scope} // user:{useridValue} role:{roleValue}
}

{
     "access_token":"PrizmDoc Cloud-Hosted-ACCESS-TOKEN",
     "token_type":"acs-oauth",>
     "expires_in":3600,
     "scope":"userid:1234 role:admin"
}

Error Response

{
     "error":"invalid_request" // error code definitions: https://tools.ietf.org/html/rfc6749#section-5.2
}