Access Token

How to get the Access Token after the login process and how to use it

Obtaining Investor Access

The next step is to get the token for the issuer. Use the v1/{domainID}/oauth2/authorize endpoint, like:

curl -X POST "{baseUrl}" -H "accept: application/json" -H "Authorization: {secret}" -H "Content-Type: application/json" -d "{ \"code\": \"{code}\"}"

Parameter

Description

{domainID}

Your application client id provided by Securitize

authorization

Your application secret provided by Securitize

code

The Code you received in the previous set

Investor Authorization

POST https://sec-id-api.securitize.io/v1/{clientId}/oauth2/authorize

Used to exchange provided code for accessToken

Path Parameters

NameTypeDescription

clientId

string

Your application Client Id provided by Securitize

Headers

NameTypeDescription

authorization

string

Your application secret provided by Securitize

Request Body

NameTypeDescription

code

string

Code provided from Authentication flow on users browser

{
  "investorId": "string",
  "accessToken": "string",
  "refreshToken": "string",
  "expiration": "2020-05-23T18:52:03.415Z"
}

JavaScript Example:

 function requestToken() {
   var issuerID = "STRING";
   const baseUrl = "https://sec-id-api.sandbox.securitize.io/v1/" 
                    + issuerID + "/oauth2/authorize";
   var scope = "info details verification";
   var redirecturl = "STRING";
   var OAuthSecret = "STRING";

   // Get the CODE in the URL
   const queryString = window.location.search;
   const urlParams = new URLSearchParams(queryString);
   const code = urlParams.get("code");

   var data = JSON.stringify({
     "code": code
   });

   var xhr = new XMLHttpRequest();
   xhr.withCredentials = true;

   xhr.addEventListener("readystatechange", function () {
     if (this.readyState === 4) {
       if (this.status === 200) {
         // User is logged-in and has authorized the app
         // Know we can get the TOKEN and start interacting
         var response = JSON.parse(this.responseText);
         console.log("Authorized with access Token: ", response.accessToken);
       }
       console.log(this.responseText);
     }
   });
   xhr.open("POST", baseUrl);
   xhr.setRequestHeader("Content-Type", "application/json");
   xhr.setRequestHeader("Authorization", OAuthSecret);
   xhr.send(data);
 }

Last updated