Overview
This service provides a SOAP alternative to the RESTful oauth2token
service, and is used to acquire an OAuth 2 Token that can be used by an OAuth 2 Authenticated User of a Client App for access to Projector services. Note that this service should not be provided with a SessionTicket on invocation. Note also that if the response has a non-null value for RedirectUrl
, the service was invoked on the incorrect server and must be re-invoked on the server specified in RedirectUrl
.
Request Format
- PwsAcquireOauth2Token
- serviceRequest: PwsAcquireOauth2TokenRq
- RequestId: Int32
- SessionTicket: String
- ClientIdentifier: String
- ClientSecret: String
- Code: String
- CodeVerifier: String
- GrantType: String
- RedirectUri: String
- RefreshToken: String
- serviceRequest: PwsAcquireOauth2TokenRq
Request Elements
Element | Data Type | Required? | Default | Description | Sample Data |
---|---|---|---|---|---|
Int32 | No | Click here for more information | |||
String | No | Should be omitted or set to null. | |||
ClientIdentifier | String | Yes | Guid string that identifies the client app requesting a token | 24748faf-e239-d132-167a-6e4d3e1bd0fb | |
ClientSecret | String | Yes | Secret string that client app uses to prove itself | r6tuVhR3ol1BFFVfy3Oe-J8VoH0KpkgLVqAMi-IIgvd_Lr613IEYcXhKAea8eLtQKSIgQ4jHIKhCKQcwriUtgB | |
Code | String | When GrantType="code" | The short-lived authentication code that was provided on the successful redirect of the | E2BgYJjLoNrEY50z-8hLMXevukfd3EWpZcn5RQW6xemGeYelfl_aetMDAA | |
CodeVerifier | String | No | Code Verifier generated by the client app and for which a code challenge was previously sent as part of the | swubMxS7yR-SYjlEwuu5gaS8~bvgL-ngbpZiYFLR_4Vf~u388c.qimhmm6kVc3h3h~TSmhDj02AIPeGcI_Y | |
GrantType | String | Yes | Currently must be either "code" for an initial grant, or "refresh_token" for a token refresh. | ||
RedirectUri | String | When GrantType="code" | Must be identical to the | https://my.app.com/redirect-handler | |
RefreshToken | String | When GrantType="refresh_token" | A valid refresh token that designates a client app connection needing a refresh | E2BgYJjLoNrEY50z-7gMN1evukfd3EWpZcn5RQW6xemGeYelfl_aetMDAA |
Request Usage Example(s)
Response Format
- PwsAcquireOauth2TokenResponse
- PwsAcquireOauth2TokenResult: PwsAcquireOauth2TokenRs
- Messages: PwsMessage[]
- ResponseId: Int32
- Status: RequestStatus
- ServerTimestampUtc: DateTime
- AccessToken: String
- ExpiresInSeconds: Int32
- MaxLifetimeMinutes: Int32
- RedirectUrl: String
- RefreshToken: String
- RestServiceAuthority: String
- SoapServiceAuthority: String
- TimeoutMinutes: Int32
- TokenType: String
- Scope: String
- PwsAcquireOauth2TokenResult: PwsAcquireOauth2TokenRs
Response Elements
Element | Data Type | Description | Sample Data |
---|---|---|---|
Messages | The web service response status and message. Click here for more information. | ||
Int32 | Click here for more information | ||
RequestStatus | Click here for more information | ||
DateTime | Click here for more information | ||
AccessToken | String | Token used for subsequent API access to Projector. In practical terms, this is a SessionTicket. | Af4yzv6CcFKZEh2dz45zZg== |
ExpiresInSeconds | Int32 | How many seconds the | 604800 |
MaxLifetimeMinutes | Int32 | The maximum lifetime of the | 10080 |
RedirectUrl | String | If this is set, this | https://secure2.projectorpsa.com |
RefreshToken | String | The token that can be used to refresh the client app user's access when the Access Token is expired. | E2BgYJjLoNrEY50z-7gMN1evukfd3EWpZcn5RQW6xemGeYelfl_aetMDAA |
RestServiceAuthority | String | The URL that must be used for any restful reporting services invoked with the | https://app2.projectorpsa.com |
SoapServiceAuthority | String | The base URL that must be used for any SOAP services invoked with the | https://secure2.projectorpsa.com |
TimeoutMinutes | Int32 | How long the | 10080 |
TokenType | String |
| projector_session_ticket |
Scope | String | Scope granted to this token, which may be fewer than those requested in the intitial authentication request, but never more. | V:maintainCostCenters U:maintainUsers enterTime |
Response Usage Example(s)
PwsAcquireOauth2Token - Common Errors and Warnings
- For all errors and warnings please refer to the Complete List of Errors and Warnings
ErrorNumber | ErrorCode | ErrorText |
---|---|---|
50629 | OauthUnsupportedGrantType | Unsupported OAuth2 Grant Type "{GrantType}". |
50630 | OauthInvalidClient | Invalid Oauth2 Client. |
50631 | OauthInvalidGrant | Invalid Grant for Oauth2 Token: "{InvalidReason}". |
50632 | OauthInvalidRequest | Invalid OAuth2 Request in Context "{Context}". Null or missing parameters "{Missing}". Improper parameters "{Improper}". |
50635 | OauthUnsupportedTokenType | Unsupported OAuth2 Token Type "{TokenType}". |