Grant Type Password will return two important items.
access_token - Store the returned access token in your application to authenticate the other endpoint requests. The access token expires after 3600 seconds.
refresh_token - Password or Code grant types are limited to 5 authentication attempts per hour. Using the refresh token workflow avoids unneeded access token requests and prevents your application from reaching this limit. The refresh token expires when a new token request is made with the same credentials via any of the Grant Type calls or after one month.
| Parameter | Parameter Type | Data Type | Description |
|---|---|---|---|
| grant_type | x-www-form-urlencoded | string | Must be set to 'password' |
| client_id | x-www-form-urlencoded | string | The Client ID found in your Act-On account. |
| client_secret | x-www-form-urlencoded | string | The Client Secret found in your Act-On account. |
| username | x-www-form-urlencoded | string | The username for the Act-On account you wish to authenticate to |
| password | x-www-form-urlencoded | string | The password that pairs with that username |
Example
curl --request POST \
--url https://api.actonsoftware.com/token \
--header 'accept: application/json' \
--header 'content-type: application/x-www-form-urlencoded' \
--data '
{
"grant_type": "password",
"username": "[email protected]",
"password": "example",
"client_id": "jdaf823jsjsfd731jn",
"client_secret": "lsdfljsf873r92nlwhfy7eihwifhji74"
}
'
Response
{
"access_token":"12345678-9abc-defg-hijk-lmnopqrs",
"refresh_token":"12345678-9abc-defg-hijk-lmnopqrs",
"scope":"offline-access",
"token_type":"Bearer",
"expires_in": 3600
}