Step 11: Get the access token
POST {{authPath}}/{{envID}}/as/token
The token endpoint is used by the client to obtain an access token by presenting its authorization grant. For device_code grants, the application calls the POST /{{envID}}/as/token endpoint to acquire the access token. The request body must include values for the following properties:
grant_type
A string that specifies the grant type of the token request. Note that the grant_type property in the token request body uses the following syntax to identify the device code type: urn:ietf:params:oauth:grant-type:device_code.
device_code
A string that specifies the device code value returned by the authorization request.
client_id
A string that specifies the application identifier.
For applications that specify a device code grant type, the application's tokenEndpointAuthMethod is most often set to NONE. In such cases, the request requires the client_id property value (the application ID) in the request body and does not require an Authorization header.
The response data contains the access token and the ID token.
Request Body
[{"name"=>"grant_type", "value"=>"urn:ietf:params:oauth:grant-type:device_code", "datatype"=>"string"}, {"name"=>"device_code", "value"=>"{{deviceCode}}", "datatype"=>"string"}, {"name"=>"client_id", "value"=>"{{deviceAuthAppID}}", "datatype"=>"string"}]
HEADERS
| Key | Datatype | Required | Description |
|---|---|---|---|
Content-Type | string |