OAuth 2.0

Request Tokens

This API enables you to request a new access token from the Device code Endpoint

Endpoint

POST https://cloud-api.loginradius.com/sso/oauth/{OAuthName}/access_token

Template Params

NameTypeDefaultDescription
OAuthNameStringnoneThe name for the OAuth App you have configured in the LoginRadius Dashboard. [REQUIRED]

Post Params

clientid :Your application’s Client ID. [REQUIRED] devicecode :Enter the device code [REQUIRED] Grant-Type :Value should be used as urn:ietf:params:oauth:grant-type:device_code [REQUIRED]

NameTypeDefaultDescription
client_idStringnoneYour application’s Client ID. [REQUIRED]
device_codeStringnonedevice_code :Enter the device code [REQUIRED]
grant_typeStringnoneValue should be used as urn:ietf:params:oauth:grant-type:device_code [REQUIRED]

Response

This is what a sample response looks like:

{
  "access_token": "b8cb84c9-dff7-401a-94c1-7cd44ebf80a0",
  "token_type": "access_token",
  "refresh_token": "a795bbb0-5868-4079-a45b-606ad8aeee80",
  "expires_in": 31103985
}

Try Me Out

Access token by OAuth 2 token

This API allows get a LoginRadius access_token from an OAuth 2.0 Token.

Endpoint

POST https://cloud-api.loginradius.com/sso/oauth/access_token

Body Params

NameTypeDefaultDescription
client_idStringnoneLoginRadius API Key [REQUIRED]
client_secretStringnoneLoginRadius Secret Key [REQUIRED]
redirect_uriStringnoneRedirection URI [REQUIRED]
response_typeStringnoneNeeds to be ‘token’ [REQUIRED]
codeStringnoneCode Parameter, given when Login Dialog is performed [REQUIRED]

Response

This is what a sample response looks like:

{
  "access_token": "********-****-****-*****************",
  "token_type": "access_token",
  "expires_in": 394,
  "refresh_token": "********-****-****-*****************"
}

Try Me Out

Access Token by Account Password

This API allows you to obtain a LoginRadius access_token by passing in the customer’s account password along with their email/username/phoneid as part of the Resource Owner Password Credential Flow.

Endpoint

POST https://cloud-api.loginradius.com/sso/oauth/access_token

Body Params

NameTypeDefaultDescription
client_idStringnoneLoginRadius API Key [REQUIRED]
client_secretStringnoneLoginRadius Secret Key [REQUIRED]
grant_typeStringnoneNeeds to be ‘password’ [REQUIRED]
usernameStringnoneYou must provide the customer’s email/phoneid depending on how you have configured LoginRadius for authentication [REQUIRED]
passwordStringnoneThe customer’s account password. [REQUIRED]

Response

This is what a sample response looks like:

{
  "access_token": "********-****-****-*****************",
  "token_type": "access_token",
  "expires_in": 394,
  "refresh_token": "********-****-****-*****************"
}

Try Me Out

Request Device Code

This API allows you to requests a new device code, user code from the Device code Endpoint

Endpoint

POST https://cloud-api.loginradius.com/sso/oauth/{OAuthName}/device

Template Params

NameTypeDefaultDescription
OAuthNameStringnoneThe name for the OAuth App you have configured in the LoginRadius Dashboard. [REQUIRED]

Body Params

NameTypeDefaultDescription
client_idStringnoneYour application’s Client ID. [REQUIRED]
scopeStringnoneThe scope for this is email profile.

Response

This is what a sample response looks like:

{
  "device_code": "af2a4121179546c1b121995414cc4530",
  "user_code": "oP5lLq",
  "verification_uri": "https://example.com/federation/device/activate.php",
  "interval": 10,
  "expires_in": 1800
}

Try Me Out

Refresh Access Token

This API allows to refresh an access_token

Endpoint

POST https://cloud-api.loginradius.com/sso/oauth/access_token/refresh

Body Params

NameTypeDefaultDescription
client_idStringnoneLoginRadius API Key [REQUIRED]
client_secretStringnoneLoginRadius Secret Key [REQUIRED]
grant_typeStringnoneThe granttype, needs to be refreshtoken [REQUIRED]
refresh_tokenStringnonethis is the refresh_token you received when you used the ‘Access token by OAuth 2 token’ and ‘Access Token by Account Password’ API call [REQUIRED]

Response

This is what a sample response looks like:

{
  "access_token": "********-****-****-*****************",
  "token_type": "access_token",
  "expires_in": 394,
  "refresh_token": "********-****-****-*****************"
}

Try Me Out

Revoke Refresh Token

This API is used to revoke the refresh token access and that revoked token can not be used further to refresh access token.

Endpoint

POST https://cloud-api.loginradius.com/sso/oauth/refresh_token/revoke

Body Params

NameTypeDefaultDescription
client_idStringnoneLoginRadius API Key [REQUIRED]
client_secretStringnoneLoginRadius Secret Key [REQUIRED]
refresh_tokenStringnonethis is the refresh_token you received when you used the ‘Access token by OAuth 2 token’ or ‘Access Token by Account Password’ API calls [REQUIRED]

Response

The server successfully processed the request, and is not returning any content.(HTTP status code 200)

Try Me Out

Go Back to Home Page