OAuth 2.0 - Resource Owner Password Credentials Grant

SmithCart > Integration > REST Endpoints
Usage
Retrieve the JWT access token using the Resource Owner Credentials
Basic URI
/Services/v1/Token.ashx
Parameters
username     The host username
password      The host password
scope            The scope(s) that will gives the access to a certain requests (encoded string)
HTTP Example
POST https://domain.com/DesktopModules/Smith.BuyNow/Services/v1/Token.ashx
Request Body
grant_type=password&username={host}&password={password}&scope=private%20orders%20create%20edit%20delete
Header
Content-Type: application/x-www-form-urlencoded
Authorization: Basic Base64 (ClientID + ":")
Service Type
OAuth 2.0
 
C# Code
using System.Web;
using System.Net;
using System.IO;
using System.Text;


var storURL = "https://domain.com/DesktopModules/Smith.BuyNow/Services/V1/";
var request = (HttpWebRequest)WebRequest.Create(storURL + "Token.ashx");

var postData = "grant_type=password&username=host&password=password&scope=orders%20edit";
var data = Encoding.ASCII.GetBytes(postData);

request.Method = "POST";
request.ContentType = "application/x-www-form-urlencoded";
request.Headers["Authorization"] = "Basic " + Convert.ToBase64String(ClientID + ":");

using (var stream = request.GetRequestStream())
{
    stream.Write(data, 0, data.Length);
}

var response = (HttpWebResponse)request.GetResponse();
var responseString = new StreamReader(response.GetResponseStream()).ReadToEnd();
 
 
JavaScript Code
<script>
   (function () {
       var STORE_URL = "https://domain.com/DesktopModules/Smith.BuyNow/Services/v1/",
           CLIENT_ID = "U0tWWmc4T05FcldQM3YxTw==",
           USERNAME = "host",
           PASSWORD = "pass1234",
           SCOPE = "orders edit";

       function getJWT(storeURL, clientID, userName, passWord, scope) {

           var xmlHttp = null;
           xmlHttp = new XMLHttpRequest();
           xmlHttp.open("POST", storeURL + "Token.ashx", true);
           xmlHttp.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
           xmlHttp.setRequestHeader("Authorization", "Basic " + btoa(clientID + ":"));
           xmlHttp.send("grant_type=password&username=" + userName
               + "&password=" + passWord
               + "&scope=" + encodeURIComponent(scope));
       }

       getJWT(STORE_URL, CLIENT_ID, USERNAME, PASSWORD, SCOPE);
   })();
</script>
 
 
Response
HTTP/1.1 200 OK
Content-Type: application/json;charset=UTF-8
Cache-Control: no-store
Pragma: no-cache

{
   "token_type": "Bearer"
   "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.........."
   "expires_in": "3600"
   "scope": "orders edit"
}