Token Handling Using OAuth2

GET /api/o/

This page lists the OAuth 2 utility endpoints used for authorization, token refresh, and revoke. Note that endpoints other than /api/o/authorize/ are not meant to be used in browsers and do not support HTTP GET. The endpoints here strictly follow the RFC specs for OAuth 2, so please use those for detailed reference. Note that the AWX net location defaults to http://localhost:8013 in the examples.

Create Token for an Application using Authorization code grant type

Given an application "AuthCodeApp" of grant type authorization-code, from the client app, the user makes a GET to the Authorize endpoint with

  • response_type
  • client_id
  • redirect_uris
  • scope

AWX will respond with the authorization code and state to the redirect_uri specified in the application. The client application will then make a POST to the /api/o/token/ endpoint on AWX with

  • code
  • client_id
  • client_secret
  • grant_type
  • redirect_uri

AWX will respond with the access_token, token_type, refresh_token, and expires_in. For more information on testing this flow, refer to django-oauth-toolkit.
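
The client side of the exchange described above, as an added example that is not part of the AWX documentation or code base. It builds the authorize URL, checks the state returned on the redirect before accepting the code, and prepares the server-side token POST. Assumptions: the function names and the sample client values in the usage are constructed, and the authorize request carries the redirect URI under the RFC 6749 name redirect_uri.

```python
import hmac
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

AWX = "http://localhost:8013"  # net location this page uses in its examples


def build_authorize_url(client_id, redirect_uri, scope="read"):
    """Step 1: URL the user's browser is sent to. Returns (url, state)."""
    state = secrets.token_urlsafe(32)  # unguessable; store it in the user's session
    query = urlencode({
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,  # RFC 6749 parameter name (assumption)
        "scope": scope,
        "state": state,
    })
    return f"{AWX}/api/o/authorize/?{query}", state


def parse_callback(callback_url, expected_state):
    """Step 2: extract the code from the redirect, rejecting a wrong state."""
    params = parse_qs(urlsplit(callback_url).query)
    if "error" in params:
        raise ValueError(f"authorization failed: {params['error'][0]}")
    state = params.get("state", [""])[0]
    # Constant-time comparison; bytes so non-ASCII input cannot raise TypeError.
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback does not belong to this session")
    codes = params.get("code", [])
    if len(codes) != 1:
        raise ValueError("expected exactly one authorization code")
    return codes[0]


def build_token_request(code, client_id, client_secret, redirect_uri):
    """Step 3: URL and form body for the POST made by the client's backend."""
    body = urlencode({
        "grant_type": "authorization_code",
        "code": code,
        "client_id": client_id,
        "client_secret": client_secret,  # stays server-side, never in the browser
        "redirect_uri": redirect_uri,    # same value as in step 1
    })
    return f"{AWX}/api/o/token/", body
```

The body from build_token_request is sent with Content-Type: application/x-www-form-urlencoded, the same encoding the curl example on this page uses.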

Create Token for an Application using Password grant type

Login is not required for the password grant type, so a simple curl command can be used to acquire a personal access token via /api/o/token/ with

  • grant_type: Required to be "password"
  • username
  • password
  • client_id: Associated application must have grant_type "password"
  • client_secret

For example:

curl -X POST \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -d "grant_type=password&username=<username>&password=<password>&scope=read" \
  -u "gwSPoasWSdNkMDtBN3Hu2WYQpPWCO9SwUEsKK22l:fI6ZpfocHYBGfm1tP92r0yIgCyfRdDQt0Tos9L8a4fNsJjQQMwp9569eIaUBsaVDgt2eiwOGe0bg5m5vCSstClZmtdy359RVx2rQK5YlIWyPlrolpt2LEpVeKXWaiybo" \
  http://localhost:8013/api/o/token/ -i

In the above POST request, the parameters username and password are the username and password of the AWX user related to the underlying application, and the authentication information has the format <client_id>:<client_secret>, where client_id and client_secret are the corresponding fields of the underlying application.

Upon success, the access token, refresh token and other information are given in the response body in JSON.

Request

There are no request parameters for this operation.


Response

200 Response
