1. Token
  • Overview
  • Application Guides
    • Frontend
      • Get Started - React App
      • Get Started - HTML and JS
      • Get Started - Angular JS
      • Get Started - Next JS App
    • Backend
      • Get Started - Node JS
      • Get Started - Golang
      • Get Started - ASP.NET
      • Get Started - JAVA
  • Dashboard
    • API Credentials
    • Organization
    • Social Login
    • Customize Email Template
    • Configure Custom Domain
    • IT Admin Portal
  • Authentication
    • Login Widget
    • Magic Link
    • Google Social Login
    • Multi-Factor Authentication
    • Single Sign-On Overview
    • Setup SSO Connection
  • Security
    • Overview
    • Authentication
      • Password Hashing and Storage
      • Multi-Factor Authentication Methods and Implementation
      • Session Management
    • Attack Protection
      • Bot Detection
      • Breached Password Detection
      • Brute Force Protection
      • Log Events
      • Secure JSON Web Tokens (JWT)
      • Secure OpenID Connect (OIDC)
      • Suspicious IP Throttling
    • Data Security
      • Data Encryption At Rest and In Transit
      • Secure Storage of Secrets (Keys, Credentials)
      • Sensitive Data Handling
    • Infrastructure
      • Security Considerations for Cloud Provider or Deployment Model
      • Threat Modeling
  • API References
    • Authentication
      • MagicLink
        • Email a Magic Link
        • Resend Email Magic Link
        • Verify Magic Link
        • Ping Status
      • Magic Auth Code
        • Email a Magic Auth Code
        • Resend Magic Auth Code
        • Verify Magic Auth Code
      • Phone Authentication
        • Send Magic Auth Code via SMS
        • Resend Magic Auth Code via SMS
        • Phone Magic Auth Verify
      • PassKey
        • Initiate Passkey Login
        • Passkey Registration Initialize
        • Finish Passkey Authentication
        • Complete Passkey Registration
        • Check User Passkey Authentication Status
        • List User PassKey Credentials
        • Update Passkey Name
        • Delete Associated Passkey
      • GET Auth Status
    • Token
      • Refresh Token
        GET
      • Access Token By Auth Code
        GET
    • Mutli-Factor Authentication (MFA)
      • MFA Access Token
      • List of Authenticators
      • MFA Enroll TOTP
      • Initiate MFA
      • QR Code Image API
      • Validate MFA Token
      • Get Backup Code
    • Role And Permission
      • List All Roles
      • List All Permission
      • Create New Role
      • Update Existing Role
      • Update Permission By Permission Id
      • Remove Organization Role By Role Id
      • Remove Organization Permission By Permission Id
    • User Management
      • List All Users
      • GET User By User Id
      • GET User by User Email Address
      • Create a User
      • Update User by User Id
      • Verify User Status By User Id
      • Delete User By User Id
      • Manage User Roles
      • GET Users Organizations
      • GET User Login Logs
    • Organization
      • Add New Organization
      • Get Organization
      • Get All Organization
      • Update Organization
      • Delete Organization
      • GET Configuration By Client Id
      • GET Configuration By Custom Domain
  1. Token

Access Token By Auth Code

GET
https://api.ssojet.com/api/v1/sso/oauth/accesstoken

Access Token By Auth Code#

This endpoint is used to retrieve the access token for single sign-on (SSO) authentication. It is a GET request with the following parameters in the query string:

Request#

Method: GET
URL: https://api.ssojet.com/api/v1/sso/oauth/accesstoken
Query Parameters:
client_id (string): The unique identifier for the client application.
state (string): An optional parameter used to maintain state between the request and the callback.
code (string): The authorization code obtained from the SSO authentication flow

Response#

The response for this request is a JSON object with the following schema:
{
  "access_token": "string",
  "token_type": "string",
  "expires_in": "integer",
  "refresh_token": "string",
  "scope": "string"
}
access_token (string): The token that will be used to authenticate subsequent requests.
token_type (string): The type of token, typically "bearer".
expires_in (integer): The duration in seconds for which the access token is valid.
refresh_token (string): A token that can be used to obtain a new access token when the current one expires.
scope (string): The scope of the access token, indicating the level of access granted.

Response Status Code#

200 OK: Magic link sent successfully.
400 Bad Request: Invalid email format.
500 Internal Server Error: An error occurred while processing the request.

Request

Query Params
code
string 
required
The code parameter is an authorization code received after a successful authentication request. This code is exchanged for an access token
Example:
string
client_id
string 
required
This identifies the application making the request to the SSOJET server. You can find your client ID on the API Keys page in the dashboard
Example:
string
state
string 
required
The state parameter is used to track the status of a user authencation in the REST API. It helps in maintaining the user authencation context and monitoring its progress throughout the request lifecycle
Example:
string
Header Params
Content-Type
string 
optional
Default:
application/json
User-Agent
string 
optional
Default:
SSOjet/1.0.0 (https://ssojet.com)

Request samples

Shell
JavaScript
Java
Swift
Go
PHP
Python
HTTP
C
C#
Objective-C
Ruby
OCaml
Dart
R
Request Request Example
Shell
JavaScript
Java
Swift
curl --location --request GET 'https://api.ssojet.com/api/v1/sso/oauth/accesstoken?code=string&client_id=string&client_id=&state=string' \
--header 'User-Agent: SSOjet/1.0.0 (https://ssojet.com)' \
--header 'Content-Type: application/json'

Responses

🟢200Success
application/json
Body
object {0}
Example
{}
Modified at 2024-07-22 11:12:27
Previous
Refresh Token
Next
MFA Access Token
Built with