Generating tokens

Generate tokens (Access Token and Refresh Token) by using a REST Client. webMethods Integration supports the Authorization Code Grant, Implicit Grant, Client Credentials Grant, and Resource Owner Password Credentials Grant to generate the access tokens.

About this task

Clients use the access tokens to start REST URLs for running the flow services and REST APIs.

Procedure

  1. Open any REST client application, such as Postman.
  2. Generate the Access token by entering the following details. You can get the details from the client registration page. See Registering Clients.
    • In the Callback URL field, specify the redirection URL added during client registration.
    • In the Token Name field, provide a token name.
    • In the Auth URL field, provide the Authorization Endpoint URL available on the Client page in the following format: .../integration/rest/oAuth/authoriz
    • In the Access Token URL field, provide the Access Token Endpoint URL available on the Client page in the following format: .../integration/rest/oAuth/getToken
    • In the Client ID field, specify the client ID available on the Client page.
    • In the Client Secret field, specify the client secret available on the Client page.
    • In the Scope (Optional) field, specify the scope that is associated with the client.
    • In the Grant Type field, select Authorization Code or Implicit.

    Configuring the same client application details across multiple custom OAuth-based accounts can lead to issues related to access token invalidation. To avoid the issues, configure a unique set of client application details for a custom OAuth-based account.

  3. Go to webMethods Integration. The permissions page appears.
  4. Select the scopes that you want to grant access and click Grant Access.
    An access token is generated. A refresh token can also be generated depending on the Refresh Count configured for your client, and also if your grant type is Authorization Code Grant. If you have the Develop Anywhere, Deploy Anywhere capability that is enabled, you can generate a token by clicking the Add New Token option on the Token Management page. Providing the Client name and the Expiry Time.

What to do next

To run flow services or REST APIs by using OAuth 2.0. Open any REST Client application. Type the Request URL and change the HTTP method to POST. Run the flow service or REST API endpoint by using the generated access token.