Home

oAuth Authorization

POST /esignglobal/v1/oauth2/accessToken

Description

Obtain authentication access_token with app_id and app_secret, which is used to call eSignGlobal APIs on behalf of a user.

The Token is valid for 24 hours. Developers should obtain a new token before the current one expires.

Request Parameters

Parameter

Type

Required

Description

client_id

string

true

appID, can be created in Settings > Integration > Apps

client_secret

string

true

Secret Key, can be obtained on APP Details page. (Settings > Integration > Apps > APP Details)

grant_type

string

true

Authorization Type:

client_credentials:Exchange client_id and client_secret for an access_token.

authorization_code:Requires user participation in the authorization process(Valid for 365 days). After authorization is completed, an access_token and refresh_token can be obtained.

refresh_token:Within the validity period of the authorization and while the refresh_token is still valid, the validity period of the refresh_token can be extended through a refresh operation.

code

string

false

Authorization code, should be obtained on the previous step (Authorize an eSignGlobal user).

The parameter is required when authorization type is authorization_code.

refresh_token

string

false

Received and stored from the server when initially creating an access_token.

The parameter is required when authorization type is refresh_token.

Ensure all parameters are sent as form fields using the multipart/form-data content type. Parameters sent in the URL or as JSON will not be processed correctly.

Request Example

curl --location 'http://………………/esignglobal/v1/oauth2/accessToken' \
--form 'client_id="LZn…………g89"' \
--form 'client_secret="5ugL0rM………………Yne7b"' \
--form 'grant_type="client_credentials"' \

Responses

Parameter

Type

Description

access_token

string

Authentication Token.Valid for 1 days.

expires_in

int

The time remaining until the Token expires

Unit: Seconds

scope

string

Permission scope

  • When grant_type is client_credentials, the returned value is fixed: read-write;
  • When grant_type is authorization_code or refresh_token, the returned value is the corresponding permission scope.

token_type

string

Token type, fixed value: Bearer

refresh_token

string

Returned only when grant_type is authorization_code or refresh_token, is valid for 30 days, and need to re-authorize after expiration.

Response example

{
    "access_token": "eyJhbGciOiJIUzI1N………………th1pMM3oYk",
    "expires_in": 86398,
    "scope": "read-write",
    "token_type": "bearer"
}

 

Description
Request Parameters
Request Example
Responses
Response example