Every client interacting with push must provide a valid access token with the required
scopes for making Push REST API calls. A simple example on how to obtain the token and use the push
REST API is shown.
About this task
For mobile client applications, IBM MobileFirst™ Platform Foundation SDK
orchestrates the OAuth flow so that the mobile push client application obtains a valid access token
with the required scope.
Procedure
- You will have to POST a request to the URL
http(s)://<host>:<port>/mfp/api/az/v1/token to get an access
token.
- Before you can POST the request, you will need to set the scope parameters in the
Body.
For information on push scopes and the semantics that server applications can use as appropriate
when obtaining a token, see Table 1.
Figure 1. Setting the scope
- Now set the Authorization header by providing the confidential
client credentials. For information on configuring a confidential client, see Confidential clients.
Figure 2. Provide confidential client credentials for Basic Auth
Figure 3. Authorization header value set
- Submit the POST request to get the access token.
Figure 4. Invoking push REST API with access token
Access token is obtained and is set as value of the Authorization header
in the subsequent push REST API invocation.