The test token endpoint
The test token endpoint enables you to get a valid token via a REST call, without having to set up a mobile client.
The OAuth model that is used in IBM MobileFirst™ Platform Foundation V7.0 requires a MobileFirst client API to be running in the mobile application that interacts with the MobileFirst Server to obtain an access token. Setting up the mobile app often means unnecessary overhead, particularly in back end testing situations. Use the test token endpoint to get a valid token through a REST call (by using tools such as Postman or cURL), without a mobile client.
Note: The test token endpoint is available only in the development
version of IBM MobileFirst Platform Foundation.
Usage
The endpoint provides a valid token with a default expiration of two hours and a scope that includes all the realms that are defined in your authenticationConfig.xml file.
The
URL pattern for accessing the endpoint is as follows:
http(s)://<server_ip>:<server_port>/<project_name>/authorization/v1/testtokenThe
endpoint responds to a POST request with the following parameters:
- accessTokenExpiration
- Number of seconds for the token expiration.
- tokenFormat: Header/Token
- Response format:
- Header (default): returns a JSON object that can be copied directly
to REST apps (such as Postman) as a header, for example,
{Authorization: Bearer eyJhbG...} - Token: returns the OAuth token as defined by the spec:
{ "scope": "SubscribeServlet wl_directUpdateRealm wl_authenticityRealm SampleAppRealm wl_remoteDisableRealm wl_antiXSRFRealm wl_deviceAutoProvisioningRealm wl_deviceNoProvisioningRealm wl_anonymousUserRealm", "token_type": "bearer", "expires_in": 1421262002284, "id_token": "eyJhbG...", "access_token": "eyJhb.." }
- Header (default): returns a JSON object that can be copied directly
to REST apps (such as Postman) as a header, for example,