OAuth2 Authentication Modes

The REST API uses the authentication types specified for the CSM Browser Client:

  • Internal: Uses the login ID and password specified for a user in CSM. If no other mode is specified, Internal mode is used.
  • LDAP: Uses the LDAP settings configured for CSMand the server variable LOGON_USER to attempt to find a CSMuser. You can also use domain\username and password.
  • SAML: Uses the SAML settings configured for CSMto validate credentials and find the CSMuser.
  • Windows: Uses the server variable LOGON_USER to attempt to find a CSMuser. You can also use domain\username and password.

Make an HTTP POST call to the token operation to get an access token. Pass data in to the request body according to a specific authentication type. CSM returns a JSON response that includes information about the access token. The example below shows the response body for the internal authentication mode:

Copy
{ "access_token": "SampleAccessTokenValue"
"token_type": "bearer"
"expires_in": 1199
"refresh_token": "SampleRefreshTokenValue"
"as:client_id": "SampleClientIdValue"
"username": "Username"
".issued": "Fri, 31 Mar 2017 15:31:39 GMT"
".expires": "Fri, 31 Mar 2017 15:51:39 GMT"
}