Menu
The application receives an access token after a user successfully authenticates and authorizes access, then passes the access token as a credential when it calls the target API.
OAuth 2.0 is an authorization protocol and NOT an authentication protocol. As such, it is designed primarily as a means of granting access to a set of resources, for example, remote APIs or user's data. OAuth 2.0 uses Access Tokens.
With OAuth, the token is generally passed in the request headers. You may wish to try something similar to the following, for both POST or GET:
POST: curl http://api.localhost/write -H 'Authorization: Bearer ACCESS_TOKEN'
GET: curl http://api.localhost/read -H 'Authorization: Bearer ACCESS_TOKEN'
The value part of the Authorization key/value pair can vary by REST service provider. With Github, for instance, the header key/value pair looks like this:
curl -H "Authorization: token your_token" https://api.github.com/repos/user/repo
You may need to consult the webservice provider docs for details.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With