Obtaining the Authorization Code¶

This is a GET request which should be made from the client end. A response code will be sent as a GET request to the callback URL.

URL to request for authorization code¶

https://iris.nitk.ac.in/oauth/authorize

GET Parameters to be sent along¶

client_id - The Client ID provided to you by IRIS during signup
redirect_uri - The callback URI to which the token should be sent (The URL must match from one the URLs provided during Oauth Signup with IRIS)
response_type - “code”
scope - <space separated list of scopes you want authorization for from user

Response¶

code - A access code in order to obtain the actual access token

This response code must be saved somewhere in your backend and/or directly used to immediately obtain the access token from the backend.

Note: This authorization code expires in 10 minutes!

Obtaining the Access Token¶

After obtaining the code, a server to server request must be made to obtain the access token.

This must be a POST request and should be made from the server backend.

URL to request for authorization code¶

https://iris.nitk.ac.in/oauth/token

POST Parameters to be sent¶

client_id - The Client ID provided to you by IRIS during signup
client_secret - The Client Secret provided to you by IRIS during signup
code - The authorization code obtained in the above GET request
grant_type - “authorization_code”
redirect_uri - The same redirect URI used in the above GET request

Response¶

{
   "access_token":"fb97297e63d620660f98baa362c1765addff62d13d490c1d20514cc16c81eda2",
   "token_type":"bearer",
   "expires_in":7200,
   "scope":"profile",
   "created_at":1527018162
}

Now this access_token can be used for further API queries.

Note: This authorization code expires in 2 hours!