Skip to main content

Requesting a token

Example URL to redirect user to:

https://cxm.example.com/q/oauth/v2/auth
?client_id=zbueiup9h80s487asgc4s4gss4kww4cwsgk0owk4gc8s4kkg4
&response_type=code
&scope=openid
&redirect_uri=https://myapp/oauth-handler
&state=ABCDEF

Example request for an access token with identity token:

curl -X POST https://cxm.example.com/q/oauth/v2/token \
-F client_id=zbueiup9h80s487asgc4s4gss4kww4cwsgk0owk4gc8s4kkg4 \
-F client_secret=4008txjcmcg0scg04oo8wsko054dg2f8ss4gsog0wgg8wwgw4w \
-F grant_type=authorization_code \
-F code=OWFkNTM3NjY2NDZjODhmYzRhYWU4NTFlN2E1MDk4ZGYxMWZlMjNlNzBjNTU1NWNmYWM4ZmRmNThiMDBhNzNkOA \
-F redirect_uri=https://myapp/oauth-handler \

Example response:

{
"access_token":"YTkxZjgwMWM3M2YxNzgzZjY5MmE2NDA1M2MxODdmZWE2NWZkMzFlYzhmMmM2YzA5NDVlMmFkZjczZThkYTJkMg",
"expires_in":3600,
"token_type":"bearer",
"scope":"openid",
"refresh_token":"MTMwMWU0MDU1NTgzNjM1YzUwYzcwMDc3Zjc2M2U4OTk0ODRlNWY5YjI1NzE0Mjc0MWI2ODQ5NTBmODBiN2Q1OQ"
"id_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwiYXVkIjoiemJ1ZWl1cDloODBzNDg3YXNnYzRzNGdzczRrd3c0Y3dzZ2swb3drNGdjOHM0a2tnNCIsImlhdCI6MTUwODgzNDE0NiwiZXhwIjoxNTA4ODM4MjMzLCJqdGkiOiI5ZTM1NDkyZi1hOWE5LTQzMWYtOWI4ZC1lZWIxZjgyYzNiMDEifQ.TgNGiEjFBCM-po4_-R_ISEZ8cNc6BsyzE4_S6A_UAz8",
}

You can request additional information about the user by specifying one or more additional scopes:

scopevalue
addressThe formatted address of the Person record linked to the user (if they have one)
emailThe user's email address
email_verifiedWhether or not the user has verified their email address
family_nameThe user's last name
given_nameThe user's first name
nameThe user's full name
pictureURL to the avatar set by the user

Before using it, you should verify the token.