Client credentials flow

Overview

The Client Credentials Flow is the simplest authentication scheme to implement:

  1. Request an Access Token from Trelica.
  2. Make API calls passing the Access Token you received.

Authentication

You must pass the Client ID and Client Secret in the Authorization header using the standard HTTP Basic Authentication Scheme.

Request an access token

POST https://app.trelica.com/connect/token

Requests an access token for use with future API requests.

Header
Authorization * string

As per the HTTP Basic Authentication Scheme, i.e.

Client ID and Client Secret concatenated with a colon, Base64 encoded, and prepended with the string "Basic ".

Body
scope string

The OAuth scopes for the data you want to access. The string is case-sensitive. Multiple scopes must be separated by a space character. If no value is passed then all scopes defined for the app will be requested.

grant_type * string

client_credentials

Responses

  • HTTP 200

    JSON containing the access token and associated information

    {
        "access_token": "<TOKEN>",
        "expires_in": 3600,
        "token_type": "Bearer",
        "scope": "Users.Read"
    }
    
  • HTTP 400

    invalid_client indicates that the Client ID or Client Secret were passed incorrectly (either incorrect values, or not according to the HTTP Basic Authentication scheme). invalid_scope indicates that the scope requested was incorrect, or does not belong to the list of scopes enabled for the Trelica app associated with the credentials passed.

    {
        "error": "<ERROR_CODE>"
    }
    

Example

Requesting the access token using curl

curl https://app.trelica.com/connect/token \
 --user "<CLIENT_ID>:<CLIENT_SECRET>" \
 --data "grant_type=client_credentials&scope=Users.Read"
  • 200

    {
        "access_token": "<TOKEN>",
        "expires_in": 3600,
        "token_type": "Bearer",
        "scope": "Users.Read"
    }
    
  • 400

    {
        "error": "<ERROR_CODE>"
    }
    
    Error Code Description
    invalid_client The Client ID and/or Client Secret are incorrect
    invalid_scope The scope requested was invalid

Making an API call with the access token you received

You can now make API calls, passing the access token you received as part of an Authorization header.

curl https://app.trelica.com/api/scim/v2/Users \
 --header "Authorization: Bearer <ACCESS_TOKEN>"

Was this article helpful?

0 out of 0 found this helpful

Comments

0 comments

Please sign in to leave a comment.