TokenFormData

TokenFormData
TokenFormData

The form fields that can be used when requesting an access token

JSON Example 
{
    "client_id": "Example_AppID",
    "client_secret": "string",
    "scope": "openid profile email",
    "redirect_uri": "https://example-app.com/redirect?auth%3Doauth",
    "domain": "example.com",
    "username": "string",
    "password": "string",
    "grant_type": "client_credentials",
    "code": "string",
    "refresh_token": "string",
    "assertion": "string",
    "subject_token_type": "string",
    "subject_token": "string"
}
string As ^[a-zA-Z0-9\-_.@]+$
client_id
Optional

This is the identifier of the OAuth 2.0 client that was registered in VMware Identity Manager. Only used when a basic Authorization header is not present in the request.

string As ^[\x20-\x7E]+$
client_secret
Optional

The client secret. Only used when a basic Authorization header is not present in the request.

string As ^[a-zA-Z0-9\-":\s_.+]+$
scope
Optional

Optional list of scopes separated by a space and is URL encoded. The scopes must be equivalent or a subset of the scopes defined in the OAuth2.0 client. Scopes that doesn't match any of the scopes defined in the OAuth2.0 client will be ignored. If omitted or empty, the scopes defined in the OAuth2.0 client will be used.

string
redirect_uri
Optional

Specifies the callback endpoint in your application that will receive the authorization code. It must match the redirect_uri defined in your OAuth2.0 client registration in VMware Identity Manager. When sending the redirect_uri as a URL parameter it has to be URL encoded. Required only if the grant_type is 'authorization_code'.

string As ^[a-zA-Z0-9+\-_.@\s]+$
domain
Optional

Specifies the user's domain. If this parameter is specified, the login screen will skip the domain selection page. This can be used when it is known that a single domain is used or the domain information can be inferred automatically (from the username for example). This is a VMware Identity Manager optional parameter and is not in the OAuth 2.0 specification. Required only if the grant_type is 'password'.

string
username
Optional

The username, UTF-8 encoded. Required only when grant_type is 'password'.

string
password
Optional

The password, UTF-8 encoded. Required only when grant_type is 'password'.

string
grant_type
Required

Specifies the OAuth grant type the client is making. It must be one of the grant types that are defined in the OAuth2.0 client. VMware Identity Manager supports the following grant types from the OAuth specifications: authorization_code, password, client_credentials, and refresh_token. VMware Identity Manager also supports the grant type urn:ietf:params:oauth:grant-type:jwt-bearer for using JWTs for authorization as described in the JWT Bearer Token Profiles for OAuth 2.0 specifications.

Possible values are : authorization_code, password, client_credentials, refresh_token, urn:ietf:params:oauth:grant-type:jwt-bearer,
string
code
Optional

The authorization code received from the authorize request. Required only if the grant_type is 'authorization_code'.

string As ^[A-Za-z0-9]+$
refresh_token
Optional

The refresh token, which can be used to obtain new access tokens using the same authorization grant.. Required only if the grant_type is 'refresh_token'.

string
assertion
Optional

The assertion being used as an authorization grant.If an assertion is not valid or has expired 'invalid_grant' error code is returned.. Required only if the grant_type is 'urn:ietf:params:oauth:grant-type:jwt-bearer'.

string
subject_token_type
Optional

Field is reserved for future use.

string
subject_token
Optional

Field is reserved for future use.

Parameter To