FAQ

Is this API oAuth 2.0 compliant?

Yes. Not all grant types are currently supported, but this API is compliant with the oAuth 2.0 specification, which can be found in the attachments.

What grant types are currently supported?

The platform currently supports the client credentials grant type.

What if my API includes user context

Platform tokens are appropriate for system to system communications. For APIs where user context is required, tokens should be issued by and retrieved from the CIAM system. The API Marketplace supports issued by either of these identity providers.

What is the difference between version 1 and version 2 of this API

Version 1 of this API was designed to facilitate the migration of legacy APIs onto the platform. Versio 2 is more fully compliant with the expectations outlined in the oAuth 2.0 specification. Version 1 should not be used for new implementations. Version 2 is backwards compatible to support the migration of version 1 clients.