Request an Access Token - OsiriX-Foundation/KheopsAuthorization GitHub Wiki

URL : /token

Method : POST

Parameters

Note that the Content-Type must be application/x-www-form-urlencoded

Success Response

Upon successful validation of the assertion and, if a scope is specified, confirmation that the user has access to the requested study, this resource will return an access_token.

  • Status : 200 OK
  • Content :
{
    "access_token": "eyJhbGciOiJIUzI1NiIsImtpZCI6IjEifQ.eyJzdWIiOiIxMDQzOTE0ODIzNDkxNzE4Mzc1NzYifQ.zkqemWjCKVUqoRpPtoxUrocAw8uo63Q49-bXlG7G6m8",
    "token_type": "Bearer",
    "expires_in": 3600
}

Error Response

If validation of the assertion fails :

  • Status : 400 Bad Request
  • Content :
{
    "error": "invalid_grant",
    "error_description": "Audience validation failed"
}

If the user does not have access to the scope :

  • Status : 400 Bad Request
  • Content :
{
    "error": "invalid_scope",
    "error_description": "Unauthorized scope"
}