Generating OAuth Token

#1

To generate an authorization token on the environment, I run OAuth.token()

Does this create a new token, leaving the old one invalid, or does it fetch the current token and return it to the requestor?

(Of course, this assumes the user has permissions to request a token).

0 Likes

#2

OAuth tokens are meant to be requested via http (/auth/1//oauth), although the implementation does use c3 types under the covers. But the flow requires that an OAuth application is created and that one of the 2 implemented OAuth 2.0 flows are used (‘client_credentials’ or ‘authorization_code’). Please refer to the c3doc (In Depth -> OAuth authorization) and if it is not clear or there is something missing file a Jira issue.
BTW, multiple OAuth tokens for a user can be created, and they will all be valid until get explicitly revoked.

2 Likes

#3

If you want to generate a token for usage, a better API is Authenticator.generate*Token(). There are many flavors of tokens and these are fairly well documented.

1 Like