API authentication

This document describes how to authenticate against the TAO NextGen APIs with curl, using a simple OAuth 2.0 client credentials flow.

Prerequisites

Before you begin, contact your TAO representative for your Token Endpoint URL. This URL is required for authentication.

1. Obtain an Access Token

To obtain a token, send a POST request to the token endpoint on your authentication server. Include your credentials and specify the grant type:

curl -X POST "[YOUR_AUTH_URL]/v1/oauth2/tokens" \
     -H "Content-Type: application/x-www-form-urlencoded" \
     -d "grant_type=client_credentials" \
     --data-urlencode "client_id=[YOUR_CLIENT_ID]" \
     --data-urlencode "client_secret=[YOUR_CLIENT_SECRET]"

2. Response Example

If the request is successful, you will receive a JSON response containing the access token. Extract the token from the response’s access_token property:

{
  "access_token": "eyJhvGciOiJ...",
  "token_type": "Bearer",
  "expires_in": 3600
}

3. Use the Access Token

To access protected endpoints, include the access token you received in the Authorization header of any subsequent API call. A simple GET example:

curl -X GET "[YOUR_AUTH_URL]/some/resource" \
     -H "Authorization: Bearer [YOUR_ACCESS_TOKEN]"
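
The three steps above combined into one script, as an added example that is not part of the TAO documentation. It passes the client secret and the bearer token to curl on stdin instead of on the command line, and rejects a response that lacks a Bearer token. The environment variable names TAO_AUTH_URL, TAO_CLIENT_ID and TAO_CLIENT_SECRET and the function names are assumptions.

```shell
#!/bin/sh
# Added example. TAO_AUTH_URL, TAO_CLIENT_ID and TAO_CLIENT_SECRET are assumed
# environment variable names; they are not defined by the TAO documentation.

# Step 1: request a token. The secret reaches curl on stdin ("client_secret@-"),
# so it is not exposed in curl's argument list; --proto refuses non-HTTPS URLs.
request_token() {
  printf '%s' "$TAO_CLIENT_SECRET" |
    curl --silent --show-error --fail --proto '=https' \
      -X POST "$TAO_AUTH_URL/v1/oauth2/tokens" \
      -H "Content-Type: application/x-www-form-urlencoded" \
      -d "grant_type=client_credentials" \
      --data-urlencode "client_id=$TAO_CLIENT_ID" \
      --data-urlencode "client_secret@-"
}

# Print one top-level string or number field of a flat JSON object on stdin.
# Adequate for the three-field token response; not a general JSON parser.
json_field() {
  tr -d '\n' |
    sed -n 's/.*"'"$1"'"[[:space:]]*:[[:space:]]*"\{0,1\}\([^",}[:space:]]*\).*/\1/p'
}

# Step 2: validate the response on stdin and print the access token.
# Fails on an error body, a missing token, or a token_type other than Bearer.
extract_token() {
  body=$(cat)
  ttype=$(printf '%s' "$body" | json_field token_type)
  token=$(printf '%s' "$body" | json_field access_token)
  case "$ttype" in
    [Bb][Ee][Aa][Rr][Ee][Rr]) ;;
    *) echo "unexpected token_type: ${ttype:-none}" >&2; return 1 ;;
  esac
  [ -n "$token" ] || { echo "no access_token in response" >&2; return 1; }
  printf '%s\n' "$token"
}

# Step 3: call a protected endpoint; the Authorization header is read from
# stdin (-H @-) so the bearer token stays out of the process list as well.
call_api() {  # call_api PATH TOKEN
  printf 'Authorization: Bearer %s\n' "$2" |
    curl --silent --show-error --fail --proto '=https' -H @- "$TAO_AUTH_URL$1"
}

# Runs only when the endpoint is configured in the environment.
if [ -n "${TAO_AUTH_URL:-}" ]; then
  token=$(request_token | extract_token) && call_api /some/resource "$token"
fi
```

The expires_in value can be read the same way with json_field expires_in, so a long-running client knows when to request a new token.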