3. Exchange the code for token
-
-
-
Let's break it down, line by line...
+
Now that we have the authorization code, we can exchange it for an access token. This is done by sending a POST request to the token endpoint.
+
+
With body data
+
+
Let's break it down...
-
-
https://sso.rumbuddy.cz/realms/OAuthPlayground/protocol/openid-connect/token
+
The token endpoint URL
-
-
grant_type=authorization_code
+ grant_type=
The grant type, in this case authorization_code
-
-
client_id=oauth-playground
+ client_id=
Client ID of the application. This is a public identifier for the client, and it is
used by the authorization server to identify the application
when redirecting the user back to the client.
-
-
redirect_uri=http://localhost:5555/flow/code-2
+ redirect_uri=
The redirect URI
-
-
code=--Vto71vecBQbZnbA7ErehWHVQq4x1pm5YtA9Rr7x5zjhMGS
+ code=
This is the authorization code we got in the previous step and is used to obtain the
access token.
@@ -108,13 +110,19 @@
function fillRequestExample() {
const requestExample =
- "POST https://sso.rumbuddy.cz/realms/OAuthPlayground/protocol/openid-connect/token?" + "\n\n"
- + "grant_type=authorization_code" + "\n"
+ "grant_type=authorization_code" + "\n"
+ "&client_id=" + clientID + "\n"
+ "&redirect_uri=" + getRedirectUri() + "\n"
+ "&code=" + code;
- $("#requestExample").text(requestExample);
+ $("#requestUriExample").text(tokenEndpoint);
+ $("#requestBodyExample").text(requestExample);
+
+ $("#tokenUrl").text(tokenEndpoint);
+ $("#grantType").text("authorization_code");
+ $("#clientId").text(clientID);
+ $("#redirectUri").text(getRedirectUri());
+ $("#code").text(code);
}
function getRedirectUri() {
@@ -139,7 +147,6 @@
})
.then(response => response.json())
.then(data => {
- console.log(data); // This will print the access token if the request was successful
$("#token").text(JSON.stringify(data, null, 2));
})
.catch(error => {