Public API
User management
Content integrations

Authorization

Requesting access token

Masterplan public API authorization is based on OAuth2.

To obtain access token use following url with your CLIENT_ID and CLIENT_SECRET:

POST https://auth.masterplan.com/auth/realms/masterplan/protocol/openid-connect/token

Example curl command for obtaining access token:

curl -X POST https://auth.masterplan.com/auth/realms/masterplan/protocol/openid-connect/token \
     -H 'Content-Type: application/x-www-form-urlencoded' \
     -d 'client_id=CLIENT_ID' \
     -d 'client_secret=CLIENT_SECRET' \
     -d 'grant_type=client_credentials'

Example response

{
    "access_token": "eyJhbGc...WETw",
    "expires_in": 60,
    "refresh_expires_in": 0,
    "token_type": "Bearer",
    "not-before-policy": 0,
    "scope": "email profile"
}

Response structure is a list of attributes:

Name Type Description
access_token string Access token that should be used in requests to API in Authorization header
refresh_token string Refresh token provides a way to obtain new access token without re-sending secrets
expires_in integer Token TTL in format of number of seconds since issued (60 seconds by default)
PAGE CONTENT