Client Credentials

Authentication with client credentials is by far the most common method for clients. Aritma Id stores only a hash of the client secret (such as SHA256 and SHA512) and requires the clear-text secret from the client when authenticating.

Token request

Fetch a usable access token from the /connect/token endpoint. In short, you send a token request with grant_type=authorization_code together with the supplied code, your client_id and code_verifier (the same string generated for the authorize call), and the redirect_uri you provided in the authorization request.

POST /connect/token

Request (client credentials in the form body)
POST https://id.aritma.io/{tenant}/connect/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded

  client_id=CLIENT_ID&
  client_secret=CLIENT_SECRET&
  grant_type=client_credentials&
  scope=SCOPE

Request (client credentials in the Authorization header)
POST https://id.aritma.io/{tenant}/connect/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Authorization: Basic xxxxx

  grant_type=client_credentials&
  scope=SCOPE

Response
HTTP/1.1 200 OK
Content-Type: application/json

{
  "access_token":"eyJz93a...k4laUWw",
  "token_type":"Bearer",
  "expires_in":86400,
  "scope":"SCOPE"
}

| Parameter | Description |
| --- | --- |
| grant_type (required) | Denotes the flow you are using. For Client Credentials use client_credentials. |
| client_id (required) | Your application's Client ID. |
| client_secret (required) | Your application's Client Secret. |
| scope (required) | The scope for the access token. It can't be an OpenID scope. |
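
The following is an added example, not Aritma's own code: it builds both request forms shown above (secret in the form body, or in the Authorization header) and reuses the token until shortly before expires_in elapses. The function and class names are hypothetical; percent-encoding the Basic credentials follows RFC 6749 section 2.3.1, and that Aritma Id expects this encoding for secrets with special characters is an assumption.

```python
import base64
import json
import time
import urllib.parse
import urllib.request

TOKEN_URL = "https://id.aritma.io/{tenant}/connect/token"  # endpoint from the page


def build_token_request(tenant, client_id, client_secret, scope, use_basic=True):
    """Build (without sending) a client_credentials token request."""
    form = {"grant_type": "client_credentials", "scope": scope}
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    if use_basic:
        # RFC 6749 section 2.3.1: form-encode id and secret, then Base64 "id:secret".
        # Assumption: the server decodes the pair the same way.
        pair = "{}:{}".format(urllib.parse.quote_plus(client_id),
                              urllib.parse.quote_plus(client_secret))
        headers["Authorization"] = "Basic " + base64.b64encode(pair.encode()).decode()
    else:
        form["client_id"] = client_id
        form["client_secret"] = client_secret
    body = urllib.parse.urlencode(form).encode()
    url = TOKEN_URL.format(tenant=urllib.parse.quote(tenant, safe=""))
    return urllib.request.Request(url, data=body, headers=headers, method="POST")


class TokenCache:
    """Reuse the access token until `skew` seconds before it expires."""

    def __init__(self, fetch, skew=60, clock=time.monotonic):
        self._fetch, self._skew, self._clock = fetch, skew, clock
        self._token, self._expires_at = None, 0.0

    def get(self):
        if self._token is None or self._clock() >= self._expires_at:
            reply = self._fetch()
            if reply.get("token_type", "").lower() != "bearer" or "access_token" not in reply:
                raise ValueError("unexpected token response")
            self._token = reply["access_token"]
            self._expires_at = self._clock() + max(0, int(reply["expires_in"]) - self._skew)
        return self._token


def fetch_over_http(request, timeout=10):
    """Send the request; urllib verifies the TLS certificate by default."""
    with urllib.request.urlopen(request, timeout=timeout) as resp:
        return json.load(resp)
```

Wire the two together with `TokenCache(lambda: fetch_over_http(build_token_request(...)))`, and keep the clear-text secret out of logs and exception messages, since the server holds only its hash.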