Client Credentials Flow

How to generate access token for single user applications?

Client credentials grant

👍

Recommended practice

While you can generate an access token from the portal the same way you did for test applications, it is not feasible to rotate the token manually as each access token is valid for 30 days. We highly recommend that you implement the token generation and refresh logic via code for any live production integration.

  1. Once you have a live app created, navigate to the Authentication tab.

  2. You'll find your client_id and client_secret in the Oauth credentials section.

  3. Make the following request with the specified parameters to obtain an access_token.

Request

POST https://auth.signeasy.com/oauth/token
curl --location --request POST 'https://auth.signeasy.com/oauth/token' \
--header 'Content-Type: application/json' \
--data-raw '{
    "client_id": "<YOUR_CLIENT_ID>",
    "client_secret": "<YOUR_CLIENT_SECRET>",
    "audience": "https://api-ext.signeasy.com/",
    "grant_type": "client_credentials"
}'

Parameter

Type

Description

client_id

string

Required. The client ID you received when you created your app.

client_secret

string

Required. The client secret you received when you created your app.

audience

string

Required. The unique identifier of the audience for an issued token, identified within a JSON Web Token as the aud claim. The audience value is always https://api-ext.signeasy.com/ for client credentials grant flow.

grant_type

string

Required. The value for client credentials grant should be client_credentials.

Response

{
    "access_token": "eyJhbGciOiJSU...dssJg",
    "scope": "rs:read rs:update",
    "expires_in": 2592000,
    "token_type": "Bearer"
}

How to use the access token in an HTTP request?

This access_token` allows you to make requests to the API on a behalf of a user. You should include this access token in the Authorization header.

Authorization: Bearer ACCESS-TOKEN

curl -X GET -H "Authorization: Bearer <Access Token>" https://api.signeasy.com/v3/me

Refreshing a live access token

Every access token generated via client credentials flow has an expiry of 30 days, and it is recommended that you handle this expiry in your code implementation for automatic token renewal as well. To generate a new access token, follow the same step above that you used to obtain a new token.