Screenshot WOW SAVE 20% on the All Access Bundle. Use "OAUTH20OFF" at checkout.
GET DEAL
3rd Party Integration

User Credentials

Published: October 2, 2018 | Updated: March 11th, 2020
  1. Home
  2. Docs
  3. General
  4. Grant Types
  5. User Credentials

Overview

User Credentials will allow you to directly use the user’s login information in your application. Mobile and desktop applications that allow direct user login is most likely to use “User Credentials” than any other grant type.

Example Request

Request examples to use line breaks for the body content to make it easier to read. The authorization header is composed of a base64 encoded value for “client_id:client_secret“.

POST 
/?oauth=token HTTP/1.1

Headers
Authorization: Basic cXhaNmZDb09NajRjTks4U1hSSGE1bnVnNnZuc3dsRldTRjM3aHNXMzpMMWZ6TG9zSmY5VGx3bkNDVFo1cGtLbWRxcWtIU2hLRWkwZDRvRk5F
Content-Type: application/x-www-form-urlencoded

Body Request
grant_type=password
&username={users-username}
&password={users-password}

A successful response will contain the following.

{
  "access_token": "apvwxkbcxrnm9o92wmp4yjlbmoajeycfbn4ws6nx",
  "expires_in": 9087654,
  "token_type": "Bearer",
  "scope": "basic",
  "refresh_token": "z8wpp3pshgled4d81b4z8dmlc6ftwdscpgktyh7u"
}

Note:

Some servers running CGI can not process authorization headers. In this case, you can pass “client_id” and “client_secret” in the body request.

POST /?oauth=token HTTP/1.1

Headers
Content-Type: application/x-www-form-urlencoded

Body Request
grant_type=password
&username={users-username}
&password={users-password}
&client_id={client_id}
&client_secret={client_secret}
Icon