Menu

Request an OAuth token

An OAuth token is used to authenticate yourself when sending REST API calls to the Knox E-FOTA service. To generate OAuth 2.0 tokens, the REST API key is encoded into the header of REST API calls to authenticate yourself to the Knox E-FOTA server.

NOTE —The generated tokens are valid for one hour. After a token expires, you need to generate a new one.

This section uses sample PHP code to demonstrate how to generate OAuth 2.0 tokens to authenticate your identity when sending REST API calls to the Knox E-FOTA server.

Request

To generate an OAuth 2.0 token, encode your REST API key in a HTTP POST method:

https://eu-api.samsungknox.com/iam/auth/oauth/v2/token

Header

  • Content-Type—Enter "application/xwww-form-urlencoded".

Body

Encode the following elements in the body of the request:

  • client_id—Used to generate an OAuth 2.0 access token to authenticate your identity in REST API calls. A hyphen-separated 32-character hexadecimal string, for example, "aaaa1111-bb22-cc33-dd44-eeeeee555555". Go to view your license keys to obtain your license key number, and use the number as your client_id.
  • client_secret—Used to generate an OAuth 2.0 access token to authenticate your identity in REST API calls. A hyphen-separated 32-character hexadecimal string, for example, "bbbb2222-cc33-dd44-ee55-ffffff666666".Go to view your license keys to obtain your client_secret.
  • grant_type—Enter "client_credentials".

Example

Here is a PHP script you can use to generate a token:

function getToken(){
    $endpoint = "https://eu-api.samsungknox.com/iam/auth/oauth/v2/token";
    $params = array(
    "client_id"     => "aaaa1111-bb22-cc33-dd44-eeeeee555555",
    "client_secret" => "bbbb2222-cc33-dd44-ee55-ffffff666666",
    "grant_type" => "client_credentials");
    $curl = curl_init($endpoint);
    curl_setopt($curl, CURLOPT_HEADER, true);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($curl, CURLOPT_POST, true);
    curl_setopt($curl, CURLOPT_HEADER,'Content-Type: application/xwww-form-urlencoded');
    $postData = "";
    // This is needed to properly form post the credentials object
    foreach($params as $k => $v)
        {$postData .= $k . '='.urlencode($v).'&';
    }
    $postData = rtrim($postData, '&');
    curl_setopt($curl, CURLOPT_POSTFIELDS, $postData);
    $json_response = curl_exec($curl);
    curl_close($curl);
    $token = json_decode($json_response,true);
    return $token['access_token'];
}

Response

If the API call is successful, the Knox E-FOTA server returns HTTP/1.1 200 OK with these XML elements in the body:

  • access_token—The OAuth 2.0 token used to authenticate your identity to the Knox E-FOTA server. A hyphen-separated 32-character hexadecimal string, for example,"aaaa1111-bb22-cc33-dd44-eeeeee555555".
  • token_type—Represents how an access_token will be generated and presented in REST API calls to the Knox E-FOTA server. For example, "Bearer".
  • expires_in—The generated tokens are valid for one hour. After a token expires, you need to generate a new one.
  • scope—Provides the scope for the API call. For example "fota".
$token = getToken();
curl_setopt_array($curl, array(
    CURLOPT_URL => "https://eu-api.samsungknox.com/b2bfota/v1/xxx",
        CURLOPT_HTTPHEADER => array(
            'authorization: Bearer '.$token,
            'cache-control: no-cache',
            'content-type: application/xml'),
                :
    )
);

Encode the access_token in the HTTP header field labelled authorization in REST API calls made to the Knox E-FOTA server.

Tutorial Progress

You've completed 2/6 steps! Go to the next step.