OAuth2 Authentication Modes

The REST API uses the authentication types specified for the CSM Browser Client:

• Internal: Uses the login ID and password specified for a user in CSM. If no other mode is specified, Internal mode is used.
• LDAP: Uses the LDAP settings configured for CSMand the server variable LOGON_USER to attempt to find a CSMuser. You can also use domain\username and password.
• SAML: Uses the SAML settings configured for CSMto validate credentials and find the CSMuser.
• Windows: Uses the server variable LOGON_USER to attempt to find a CSMuser. You can also use domain\username and password.

Make an HTTP POST call to the token operation to get an access token. Pass data in to the request body according to a specific authentication type. CSM returns a JSON response that includes information about the access token. The example below shows the response body for the internal authentication mode:

{ "access_token": "SampleAccessTokenValue", 
"token_type": "bearer", 
"expires_in": 1199, 
"refresh_token": "SampleRefreshTokenValue", 
"as:client_id": "SampleClientIdValue", 
"username": "Username", 
".issued": "Fri, 31 Mar 2017 15:31:39 GMT", 
".expires": "Fri, 31 Mar 2017 15:51:39 GMT"
}