OAuth2 Authentication Modes
The REST API uses the authentication types specified for the CSM Browser Client:
- Internal: Uses the login ID and password specified for a user in CSM. If no other mode is specified, Internal mode is used.
- LDAP: Uses the LDAP settings configured for CSMand the server variable LOGON_USER to attempt to find a CSMuser. You can also use domain\username and password.
- SAML: Uses the SAML settings configured for CSMto validate credentials and find the CSMuser.
- Windows: Uses the server variable LOGON_USER to attempt to find a CSMuser. You can also use domain\username and password.
Make an HTTP POST call to the token operation to get an access token. Pass data in to the request body according to a specific authentication type. CSM returns a JSON response that includes information about the access token. The example below shows the response body for the internal authentication mode:
Copy
{ "access_token": "SampleAccessTokenValue",
"token_type": "bearer",
"expires_in": 1199,
"refresh_token": "SampleRefreshTokenValue",
"as:client_id": "SampleClientIdValue",
"username": "Username",
".issued": "Fri, 31 Mar 2017 15:31:39 GMT",
".expires": "Fri, 31 Mar 2017 15:51:39 GMT"
}