Authentication

What is OAuth?

OAuth is an authorisation standard that allows apps to access certain parts of your info without needing your password. For instance, you can let a new app you're making use your WillSuite profile or update your timeline without sharing your WillSuite password. This keeps your WillSuite password safe, even if the new app has a problem with security.

Instead of sharing your password, OAuth uses access tokens to show that an app has permission to access your info. It's like giving one app permission to talk to another without telling them your password.

Getting Your OAuth Token

Before utilising the new APIs, it's essential to initiate a call to our endpoint to obtain a bearer token, a security credential necessary for authentication.

A bearer token is a type of access token that grants access to protected resources on the server. It is an opaque string generated by the authorisation server and must be included in the header of subsequent API requests. The token acts as a key: any requester that presents it (normally your application) is granted access to protected resources, so keep it as confidential as the client secret.

Upon receiving the bearer token from our endpoint, your application must include this token in the Authorization header of API requests. This process validates the identity of your application and grants the necessary access permissions to interact securely with our APIs.

Ensuring the bearer token is properly included in API requests is crucial for authentication and access to the functionalities provided by our APIs.

Input


Endpoint

POST /oauth/token/


HTTP request headers

Content-Type  string

Must be set to application/json.


Body parameters

grant_type  string - Required

This must be the value client_credentials.

client_id  string - Required

This will be provided to you by a member of our support team.

client_secret  string - Required

This will be provided to you by a member of our support team.

Output


HTTP status codes

Status Code  Description
200  OK
400  Bad Request
401  Not authorized (authorization token invalid)
500  Internal Server Error

Request example

bash
curl  -X POST \
  'https://client.willsuite.co.uk/oauth/token' \
  --header 'Content-Type: application/json' \
  --data-raw '{
   "grant_type": "client_credentials",
   "client_id": "YOUR_CLIENT_ID",
   "client_secret": "YOUR_CLIENT_SECRET"
} '
php
<?php

$client = new http\Client;
$request = new http\Client\Request;

$body = new http\Message\Body;
$body->append('{
   "grant_type": "client_credentials",
   "client_id": "YOUR_CLIENT_ID",
   "client_secret": "YOUR_CLIENT_SECRET"
} ');

$request->setRequestUrl('https://client.willsuite.co.uk/oauth/token');
$request->setRequestMethod('POST');
$request->setBody($body);

$request->setHeaders([
  'Content-Type' => 'application/json'
]);

$client->enqueue($request)->send();
$response = $client->getResponse();

echo $response->getBody();

Response

json
{
  "token_type": "Bearer",
  "expires_in": 31622400,
  "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIs…"
}
json
{
  "type": "object",
  "properties": {
    "token_type": {
      "type": "string"
    },
    "expires_in": {
      "type": "integer"
    },
    "access_token": {
      "type": "string"
    }
  },
  "required": ["token_type", "expires_in", "access_token"]
}
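
The token request and the header step described under "Getting Your OAuth Token", as an added Python example that is not WillSuite's own code: it checks the response against the required fields in the schema above, keeps the token in memory, and requests a new one shortly before expires_in runs out. The `Authorization: Bearer <token>` form is the standard bearer scheme and is assumed here; `TokenCache`, `fetch_token`, `parse_token_response`, the 60-second skew and the sample response are illustrative names and constructed values.

```python
import json
import time
import urllib.request

TOKEN_URL = "https://client.willsuite.co.uk/oauth/token"  # from the request example


def fetch_token(client_id, client_secret):
    """POST the client_credentials grant and return the raw JSON response body."""
    body = json.dumps({"grant_type": "client_credentials",
                       "client_id": client_id, "client_secret": client_secret}).encode()
    req = urllib.request.Request(TOKEN_URL, data=body, method="POST",
                                 headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=10) as resp:  # raises on 4xx/5xx
        return resp.read().decode()


def parse_token_response(raw, now):
    """Check the documented required fields; return (access_token, expiry time)."""
    data = json.loads(raw)
    if not isinstance(data, dict):
        raise ValueError("token response: not a JSON object")
    for field, kind in (("token_type", str), ("expires_in", int), ("access_token", str)):
        value = data.get(field)
        if isinstance(value, bool) or not isinstance(value, kind):
            raise ValueError(f"token response: missing or mistyped {field}")
    if data["token_type"].lower() != "bearer" or data["expires_in"] <= 0:
        raise ValueError("token response: unexpected token_type or expires_in")
    return data["access_token"], now + data["expires_in"]


class TokenCache:
    """Holds one token in memory and re-requests it shortly before it expires."""

    def __init__(self, fetch, skew=60, clock=time.time):
        self._fetch, self._skew, self._clock = fetch, skew, clock
        self._token, self._expiry = None, 0

    def auth_header(self):
        now = self._clock()
        if self._token is None or now >= self._expiry - self._skew:
            self._token, self._expiry = parse_token_response(self._fetch(), now)
        return {"Authorization": f"Bearer {self._token}"}


if __name__ == "__main__":
    # Constructed response so this demo runs offline (no real token involved).
    sample = '{"token_type": "Bearer", "expires_in": 3600, "access_token": "CONSTRUCTED"}'
    print(TokenCache(lambda: sample).auth_header())
```

In real use, pass `lambda: fetch_token(client_id, client_secret)` as `fetch`, loading both values from the environment or a secrets manager rather than from source code.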