Overview #
This API endpoint is used for obtaining an access token via the OAuth 2.0 protocol using the Resource Owner Password Credentials Grant type. The endpoint requires Basic Authentication and accepts parameters in the x-www-form-urlencoded
format.
After the token is generated, it will be automatically populated in the token textbox. This token must be included in all subsequent requests within its validity period. Ensure to handle token expiration appropriately.
Endpoint #
URL:
https://auth-test.10npay.com/connect/token
Method: POST
Authentication #
Type: Basic Authentication
-
Username: TennTesting
-
Password: 43579AF6F9BF4E259BD58F3DA730A717
Headers #
-
Content-Type: application/x-www-form-urlencoded
-
Authorization: Basic
base64(username:password)
Parameters #
The following parameters must be sent in the body of the request using the x-www-form-urlencoded
format:
Parameter |
Type |
Description |
---|---|---|
client_id |
string |
The client ID for authentication. |
grant_type |
string |
The grant type. For this API, it should be |
username |
string |
The username of the user. |
password |
string |
The password of the user. |
Sample Request #
Here is a sample curl
command to request a token:
curl --location 'https://auth-test.10npay.com/connect/token' \ --header 'Content-Type: application/x-www-form-urlencoded' \ --header 'Authorization: Basic VGVubkVzdGluZzo0MzU3OUFGNkY5QkY0RTI1OUJENThGM0RBNzMwQTcxNw==' \ --data-urlencode 'client_id=TennTesting' \ --data-urlencode 'grant_type=password' \ --data-urlencode 'username=testinguser@10npay.com' \ --data-urlencode 'password=Ttest@2S'
Response #
The API returns a JSON object containing the access token and associated scopes. Below is an example of a successful response:
{
"access_token": "{Token}",
"scope": "email IdentityServerApi offline_access openid phone platform profile roles tenant Tenn.Administrative Tenn.Audit Tenn.CRM Tenn.Discuss Tenn.Entitlement Tenn.FileStorage Tenn.MS Tenn.Payment Tenn.Recipient Tenn.Reporting Tenn.RiskService Tenn.Subscription TokenserverAPI.read TokenserverAPI.write two_factor_enabled user_relation"
}
Response Fields #
-
access_token: The token that can be used to authenticate subsequent API requests.
-
scope: The scopes granted to the access token.
Error Handling #
In case of an error, the API will return an appropriate HTTP status code along with a JSON object containing error details.
Example of an Error Response #
{
"error": "invalid_grant",
"error_description": "The user name or password is incorrect."
}
Notes #
-
Ensure that the
Authorization
header is correctly base64 encoded. -
The
grant_type
parameter must always be set topassword
for this endpoint. -
The response token should be securely stored and used for authenticating other API requests.