Access Token

How to get the Access Token after the login process and how to use it

Obtaining Investor Access

The next step is to get the token for the issuer. Use the v1/{domainID}/oauth2/authorize endpoint, like:

curl -X POST "{baseUrl}" -H "accept: application/json" -H "Authorization: {secret}" -H "Content-Type: application/json" -d "{ \"code\": \"{code}\"}"

Parameter

Description

{domainID}

Your application client id provided by Securitize

authorization

Your application secret provided by Securitize

code

The Code you received in the previous set

post
Investor Authorization

https://sec-id-api.securitize.io/v1/{clientId}/oauth2/authorize
Used to exchange provided code for accessToken
Request
Response
Request
Path Parameters
clientId
required
string
Your application Client Id provided by Securitize
Headers
authorization
required
string
Your application secret provided by Securitize
Body Parameters
code
required
string
Code provided from Authentication flow on users browser
Response
200: OK
Returns JWT signed accessToken
{
"investorId": "string",
"accessToken": "string",
"refreshToken": "string",
"expiration": "2020-05-23T18:52:03.415Z"
}
401: Unauthorized
Could not find a cake matching this query.
{
"statusCode": 401,
"error": "Unauthorized",
"message": "Failed to authorize",
"details": null
}

JavaScript Example:

function requestToken() {
var issuerID = "STRING";
const baseUrl = "https://sec-id-api.sandbox.securitize.io/v1/"
+ issuerID + "/oauth2/authorize";
var scope = "info details verification";
var redirecturl = "STRING";
var OAuthSecret = "STRING";
// Get the CODE in the URL
const queryString = window.location.search;
const urlParams = new URLSearchParams(queryString);
const code = urlParams.get("code");
var data = JSON.stringify({
"code": code
});
var xhr = new XMLHttpRequest();
xhr.withCredentials = true;
xhr.addEventListener("readystatechange", function () {
if (this.readyState === 4) {
if (this.status === 200) {
// User is logged-in and has authorized the app
// Know we can get the TOKEN and start interacting
var response = JSON.parse(this.responseText);
console.log("Authorized with access Token: ", response.accessToken);
}
console.log(this.responseText);
}
});
xhr.open("POST", baseUrl);
xhr.setRequestHeader("Content-Type", "application/json");
xhr.setRequestHeader("Authorization", OAuthSecret);
xhr.send(data);
}