Grant Type Password
POST https://restapi.actonsoftware.com/token
The grant type password will return two important items.
- access_token - Store the returned access token in your application to authenticate the other endpoint requests. The access token expires after 3600 seconds.
- refresh_token - Password or Code grant types are limited to 5 authentication attempts per hour. Using the refresh token workflow avoids unneeded access token requests and prevents your application from reaching this limit. The refresh token does not expire until a new token is requested via any of the Grant Type calls.
You can find more information on the refresh token here.
Parameters
| Name | Parameter Type |
Allow Multiple |
Required/ Optional |
Data Type | Description |
|---|---|---|---|---|---|
| grant_type | x-www-form-urlencoded | False | Required | string | The value must be set to 'password'. |
| username | x-www-form-urlencoded | False | Required | string | The email address of a user in the Act-On account you are trying to access. Any special characters in the email address (besides '@') must be URL encoded. |
| password | x-www-form-urlencoded | False | Required | string | The password associated with the username. |
| client_id | x-www-form-urlencoded | False | Required | string | The Client ID you received in your welcome email. |
| client_secret | x-www-form-urlencoded | False | Required | string | The Client Secret you received in your welcome email. |
Response
{
"access_token":"12345678-9abc-defg-hijk-lmnopqrs",
"refresh_token":"12345678-9abc-defg-hijk-lmnopqrs",
"scope":"default",
"token_type":"Bearer",
"expires_in":3600
}
Code Examples
cURLPythonnodeJS
curl -X POST https://restapi.actonsoftware.com/token -d 'grant_type=password&username=john.doe@act-on.com&password=eodnhoj1&client_id=123456789abcdefghijklmnopqrs&client_secret=123456789abcdefghijklmnopqrs'
import requests
url = "https://restapi.actonsoftware.com/token"
payload = 'grant_type=password&username=john.doe@act-on.com&password=eodnhoj1&client_id=123456789abcdefghijklmnopqrs&client_secret=123456789abcdefghijklmnopqrs'
headers= {}
response = requests.request("POST", url, headers=headers, data = payload)
print(response.text.encode('utf8'))
var request = require("request");
var options = {
method: 'POST',
url: 'https://restapi.actonsoftware.com/token',
form:
{ grant_type: 'password',
username: 'john.doe@act-on.com',
password: 'eodnhoj1',
client_id: '123456789abcdefghijklmnopqrs',
client_secret: '123456789abcdefghijklmnopqrs' }
};
request(options, function (error, response, body) {
if (error) throw new Error(error);
console.log(body);
});
