Client credentials flow quick start

For machine-to-machine authorization, you might want to use the client credentials grant flow. The client app needs to securely store its client identifier and secret and pass them to the Authorization Server in exchange for an access token. This quick start procedure will help you start using the client credentials flow as soon as possible.

Before you begin

  1. Configure OAuth scopes for resources and methods in your registered API. See Configure OAuth 2.0 scopes.
  2. Register at least one identity provider to authenticate resource owners. See Register an identity provider.
  3. Set up your app in OAuth Management in Control Center. See Register a client app.

How to

Start the credentials grant flow by making a request to the Authorization Server:

POST https://oauth.akamai.com/v1/token HTTP/1.1
Authorization: Basic <client-id>:<client-secret>
Content-Type: application/x-www-form-urlencoded

grant_type=client_credentials

Note the parameters in the request:

grant_type
Specifies which authorization grant flow you are using. For the client credentials flow, it's client_credentials.

What you should see

If the credentials are valid, the client app will receive a response with an access token similar to this one:

HTTP/1.1 200
Content-Type: application/json

{
  "access_token" : <access-token>,
  "token_type" : "Bearer",
  "expires_in" : <expiration-time-in-seconds>,
  "scope" : <granted-scopes>
}

Note the properties of the response:

access_token
The access token issued by the Authorization Server.
token_type
The type of token. Typically, it is the string Bearer.
expires_in
The time in seconds that the access token is valid for.
scope
The scopes granted to the client app.
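
The request and response above as a client-side sketch (an added example, not part of the original page or Akamai's own code): it builds the token request with the Basic value base64-encoded as the HTTP Basic scheme requires, then validates the response before the token is used. Assumptions: credentials are form-encoded before base64 and scope is a space-delimited string (both per RFC 6749), and the credentials, scope names and sample response are constructed.

```python
import base64
import json
import time
import urllib.parse
import urllib.request

TOKEN_URL = "https://oauth.akamai.com/v1/token"  # endpoint shown on this page


def build_token_request(client_id: str, client_secret: str) -> urllib.request.Request:
    """Build (but do not send) the client credentials token request."""
    # Assumption (RFC 6749 section 2.3.1): form-encode each credential, join
    # with ':', then base64 the pair for the HTTP Basic scheme.
    pair = "{}:{}".format(urllib.parse.quote_plus(client_id),
                          urllib.parse.quote_plus(client_secret))
    basic = base64.b64encode(pair.encode("utf-8")).decode("ascii")
    body = urllib.parse.urlencode({"grant_type": "client_credentials"}).encode("ascii")
    return urllib.request.Request(
        TOKEN_URL, data=body, method="POST",
        headers={"Authorization": "Basic " + basic,
                 "Content-Type": "application/x-www-form-urlencoded"})


def parse_token_response(raw: bytes, required_scopes: set, now: float = None,
                         skew: int = 30) -> dict:
    """Validate the JSON token response; return the token and a refresh deadline."""
    doc = json.loads(raw)
    token = doc.get("access_token") if isinstance(doc, dict) else None
    if not isinstance(token, str) or not token:
        raise ValueError("missing access_token")
    if str(doc.get("token_type", "")).lower() != "bearer":
        raise ValueError("unexpected token_type")
    expires_in = doc.get("expires_in")
    if isinstance(expires_in, bool) or not isinstance(expires_in, int) or expires_in <= skew:
        raise ValueError("unusable expires_in")
    # Assumption: scope is a space-delimited string (RFC 6749 section 3.3).
    granted = set(str(doc.get("scope", "")).split())
    missing = required_scopes - granted
    if missing:
        # The server may grant fewer scopes than the app needs; fail early.
        raise PermissionError("scopes not granted: " + " ".join(sorted(missing)))
    now = time.time() if now is None else now
    # Refresh 'skew' seconds before expiry so no request carries a stale token.
    return {"access_token": token, "scopes": granted,
            "refresh_at": now + expires_in - skew}


# Constructed sample response (not captured from a real server).
SAMPLE = (b'{"access_token":"example-token","token_type":"Bearer",'
          b'"expires_in":3600,"scope":"orders.read orders.write"}')
```

Load the client secret from a secret store or environment at run time rather than embedding it in source, and keep the Authorization header and access token out of logs.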

Next steps

Optionally, you can: