Client credentials Grant Type

Credentials
Name	What it's used for	Where to find it	Example values
client_id	This is an OAuth parameter that identifies your client. Think of it as an application id.	Under your apps in your dashboard	xhdrs6uleK1xy ZBOvX37PJ5wALcv1O9
client_secret	This is the secret for the client_id, which is an OAuth parameter that identifies your client. Think of it as an application password.	Under your apps in your dashboard	Glz2FV5XYOvAhFCE
Other
Connectid username/password	These credentials are not involved in using the APIs at all. These are used by a developer to get access to the developer portal. This is a personal user that you can use for other Telenor services, like Min Sky.	If you need to register a new user, or if you've forgotten your password, you log in as a developer. If you need access to a specific company's apps, the administrator of that company must send you an invite to your connectid	username: myemailusername@example.com (or mobile number) Password: yourOwnChoice123
Min Bedrift Username/password	This user is not involved in the actual usage of the APIs. This is your single sign on user to the Min Bedrift Portal if your company has a Min Bedrift Agreement. You may have different roles within the company. If you are an API administrator, this is the user you should log in with to add developers.	If you need to register a new user, or if you've forgotten your password, you log in as a developer. If you need access to a specific company, a super administrator of that company must add you.	username: myemailusername Password: AbcDefG123

API Reference

oauth

GET /oauth/v2/logout Logout

Description Error responses Try it

Implementation notes

Invalidate the access token.

The client makes a request to invalidate the access token.
This is a optional operation.

Example invocation: "curl -v -X GET https://api.telenor.no/oauth/v2/logout --header "Authorization: Bearer OD....==" "
Example response (200 OK): OK!

Parameters

Parameter:
Authorization*
Description:
Authorization, Example: "Authorization: Bearer Xjh6f....MkjJH65
Parameter type:
header
Data type:
string

Response class (Status 200)

Model | Model schema

Error responses

401: Error code 2 - Invalid access token
Error code 6 - Missing or bad Authorization header

500: Error code 2 - Internal Server Error

The Try-It functionality is only available when logged in to the portal.

POST /oauth/v2/token Create access token

Description Error responses Try it

Implementation notes

This token must be used to authorize all further API requests to the server, and is valid for a period of time.

Client credentials Grant Type

This oauth flow is suitable in cases with machine to machine communication. Where the request client is a highly privileged application. Clients are typical not allowed to use this grant type from Internet.

Example invocation: "curl -v -X POST https://api.telenor.no/oauth/v2/token -u client_id:client_secret --data "grant_type=client_credentials" "

Example response (200 OK): "{"access_token" : "4P....uY", "expires_in" : 3599}", time in seconds.

NOTE:
The authorization header is created from your client_id (Consumer Key) as your basic authentication username,
and the client_secret (Consumer secret) as the basic authentication password. Basic authentication requires you to Base64 encode the combination of username:password, note: the colon separating the username and password and is in the form "Authorization: Basic OZXhhbXBsZWNsaWVudGlkOmV4YW1wbGVzZWNyZXQ="
When using curl use can use '-u username:password' in order for curl to do the Base64 and add this header for you.

Parameters

Parameter:
Authorization*
Description:
Authorization, Basic authorization using the Consumer Key (client_id) as 'username' and Consumer secret (client_secret) as password. Base64 encode username:password. "Authorization: Basic QW....=="

Example: Authorization: Basic Q2xpZW50SWQ6U2VjcmV0
Parameter type:
header
Data type:
string

Parameter:
grant_type*
Description:
Grant type of token request.

Possible values: authorization_code, password, client_credentials
Parameter type:
formData
Data type:
string

Parameter:
scope
Description:
The scope of the access request.
Parameter type:
formData
Data type:
string

Response class (Status 200)

Model | Model schema

access_tokenstring: The token representing an authorization issued to the client and the logged in user
expires_ininteger: The lifetime in SECONDS of the AccessToken. E.g. a value of 3600 indicated that the access_token will expire in 1 hours from the time it was issued.
token_typestring: If returned, it will explicitly state the type of token issued. It will be ‘Bearer’ by default.
refresh_tokenstring: If returned, the refresh token can be used to obtain new access tokens using the authorization grant ‘refresh_token’. The refresh token itself will also be refreshed.

{
  "access_token": "Iu25QXBwbGbljYXRpzQHRIuYlbGVub329XXQ3tOnMY3BRo0QyVFJUiN",
  "expires_in": "3600",
  "token_type": "Bearer",
  "refresh_token": "9XXQ3tOnMY3BRo0QyVFJUiNIu25QXBwbGbRIuYlbGVub32ljYXRpzQH"
}

Error responses

400: Error code 2 - Missing or invalid grant_type

401: Error code 1 - Invalid client id
Error code 21 - Unsufficient permissions to use requested grant_type
Error code 22 - Basic Authentication failed, bad username or password.
Error code 4 - Invalid authorization code
Error code 5 - Not authorized to create access token
Error code 6 - Missing or bad Authorization header
Error code 7 - Invalid refresh_token
Error code 9 - Invalid Client data

403: Error code 12 - Invalid RedirectURI
Error code 15 - Illegal Response Type
Error code 8 - Illegal or non authorized scope

500: Error code 16 - Invalid App Attributes.Please contact Telenor Admin
Error code 2 - Internal Server Error

The Try-It functionality is only available when logged in to the portal.