© 2018 Capita Business Services Ltd. All rights reserved.

Capita Education Software Solutions is a trading name of Capita Business Services Ltd. Our Registered office is 30 Berners Street, London, W1T 3LR and our registered number is 02299747. Further information about Capita plc can be found in our legal statement.

Token Endpoint

The token endpoint can be used to programmatically request or refresh tokens (resource owner password credential flow, authorisation code flow, client credentials flow and custom grant types).

Supported Parameters

  • grant_type (required)
    • authorization_code, client_credentials, password, refresh_token or custom
  • scope (required for all grant types besides refresh_token and code)
  • redirect_uri (required for code grant type)
  • code (required for code grant)
  • code_verifier (required when using proof keys)
  • username (required for password grant type)
    password (required for password grant_type)
  • acr_values (allowed for password grant type to pass additional information to user service)
    • idp:name_of_idp bypasses the login screen and forwards the user directly to the selected external identity provider if configured for the client. For example, using idp:Microsoft for configured clients will forward the user directly to Microsoft Account for external authentication into SIMS ID.
  • refresh_token (required for refresh token grant)
  • client_id (either in the post body, or as a basic authentication header)
  • client_secret (either in the post body, or as a basic authentication header)

Authentication

All requests to the token endpoint must be authenticated - either pass client id and secret via Basic Authentication or add client_id and client_secret fields to the POST body.

When providing the client_id and client_secret in the Authorization header it is expected to be in the format of client_id:client_secret and then Base64 encoded.

c# Example:

var clientId = "YOUR_CLIENT_ID";
var clientSecret = "YOUR_CLIENT_SECRET";

var encoding = Encoding.UTF8;
var credentials = string.Format("{0}:{1}", clientId, clientSecret);

var headerValue = Convert.ToBase64String(encoding.GetBytes(credentials));

Example

(Form-encoding removed and line breaks added for readability)

POST /connect/token
Authorization: Basic abcxyz

grant_type=authorization_code&
code=hdh922&
redirect_uri=https://myapp.com/callback

Register as a Technical Integrator

Click Here to register

Web - SIMS ID Based APIs RESOURCES

Related resources for Web - SIMS ID Based APIs