We launched new developer portal. For the latest documentation visit developer.cloudentity.com

Getting access tokens with the authorization code grant

Instructions for getting access tokens with the authorization code grant flow.

Login as admin in Swagger UI

  1. Go to https://localhost:8443/api/swagger/default.

  2. Select Authorize.

  3. Enter the following values in the form:

    Key Value
    client_id admin-swagger
    client_secret n8HF35qzZkmsukHJzzz9LnN8m9Mf97uq
  4. Select Authorize.

  5. Select Close.

Create the client

  1. Select POST /api/admin/{tid}/clients API.

  2. Select Try it out.

  3. Enter default as tid (tenant ID).

  4. Use the following json as the body:

        "authorization_server_id": "default",
        "client_id": "client",
        "client_secret": "wPeimtcljkdBeG19Xc3OXD41iZo0zxdg",
        "client_name": "My app",
        "grant_types": [
        "redirect_uris": [
        "response_types": [
        "scopes": [
  5. Select Execute.

Make the authorize request

  • Your application initializes a redirect in the browser to the following URL:

  • The user authenticates and approves the access to the data on the consent page.


    To test the authentication, you can use the user:user credentials.

Exchange the authorization code

  • Once the user has granted the access to application, the authorization server makes a redirect to the requested redirect_uri with the authorization code in the query parameter.

  • Your application exchanges the authorization code for the access and ID tokens.

    curl -X POST -k https://localhost:8443/default/default/oauth2/token \
    -u "client:wPeimtcljkdBeG19Xc3OXD41iZo0zxdg" \
    -H "Content-type: application/x-www-form-urlencoded" \
    -d "grant_type=authorization_code&redirect_uri=https%3A%2F%2Fexample.com%2Fcallback&code=Rl1OCBIpNH5h1VCmKS0GA5wC2fIHGw9nh6i3vc8ijPE"

Expected response

   "access_token": "..",
   "expires_in": 3600,
   "id_token": "..",
   "scope": "openid",
   "token_type": "bearer"