OAuth2 Authentication Modes
The REST API uses the authentication types specified for the
CSM Browser Client:
- Internal
Uses the login ID and password specified for a user in CSM. If no other mode is specified, Internal mode is used.
- LDAP
Uses the LDAP settings configured for CSM and the server variable LOGON_USER to attempt to find a CSM user. You can also use domain\username and password.
- SAML
Uses the SAML settings configured for CSM to validate credentials and find the CSM user.
For SAML configuration steps, refer to Configuring the REST API for SAML Authentication.
- Windows
Uses the server variable LOGON_USER to attempt to find a CSM user. You can also use domain\username and password.
Make an HTTP POST call to the
token operation to get an access token. Pass data into the request
body according to a specific authentication type.
CSM
returns a JSON response that includes information about the access token. The
example below shows the response body for the internal authentication mode:
{ "access_token": "SampleAccessTokenValue", "token_type": "bearer", "expires_in": 1199, "refresh_token": "SampleRefreshTokenValue", "as:client_id": "SampleClientIdValue", "username": "Username", ".issued": "Fri, 31 Mar 2017 15:31:39 GMT", ".expires": "Fri, 31 Mar 2017 15:51:39 GMT" }