How to Create the OAuth and Refresh Token
Request Parameters
Parameters can either be in the query string or x-www-urlencoded-form.
Parameter |
Description |
Required? |
---|---|---|
code |
Authorization code. This is provided in the “code” query parameter of the URL that the /authorize API redirects to after a successful login. |
Only when using the authorization_code grant type |
grant_type |
One of the following: |
Yes |
client_id |
SEI's API consumer secret. Provided to API users. |
Yes |
client_secret |
SEI's API consumer key. Provided to API users. |
Yes |
endOtherSessions |
Ends any other SEI Platform sessions. Used to override the "concurrent user" setting that allows user to maintain multiple sessions. Correct values are true or false with false as the default value. |
No |
Form Parameters
If you are using the client_credentials grant type, pass the following parameters as x-www-urlencoded-form values.
Parameter |
Description |
Required? |
---|---|---|
|
SEI login email |
Yes |
password |
SEI login password |
Yes |
If you are using the urn:ietf:params:oauth:client-assertion-type:saml2-bearer grant type to log in using SSO, pass one of the following parameters as x-www-urlencoded-form values. SAML assertions can be constructed in one of two ways: a signed SAMLResponse object or a signed SAMLAssertion object.
Parameter |
Description |
Required? |
Example |
|
---|---|---|---|---|
SAMLResponse |
This is a Base64 encoded SAMLResponse XML object. This object must be signed by your private key and we must have a copy or your public key on file. |
You must pass this or the other parameter |
Examples of valid response objects can be found online or from your IdP provider. |
|
SAMLAssertion |
|
You must pass this or the other parameter |
Example Response Payload
{ "access_token": "<access_token>", "token_type": "BearerToken", "expires_in": 3599, "refresh_token": "<refresh_token>", "refresh_token_expires_in": 2591999, "redirect_url": "https://www.redirect.com", "email": "<IL_account_email_address>" }
Additional Parameters
Parameter |
Description |
|
---|---|---|
access_token |
OAuth Access Token. |
|
expires_in |
The lifespan or time-to-live (TTL) of the access token in seconds. |
|
refresh_token |
OAuth refresh token. Only sent for Authorization Code flow. |
|
refresh_token_expires_in |
|
|
redirect_url |
Redirect URL registered for the client application. |
|
|
|