Client Credentials Grant
The Client Credentials grant is one of the OAuth 2.0 grant types supported in ReadyAPI. This grant is used when a client application requests access to protected resources without user interaction.
To learn how to configure OAuth 2.0 authentication in ReadyAPI, see Enabling OAuth 2.0 Authentication. To get familiar with the Client Credentials grant for applications in Azure Active Directory, see Enabling OAuth 2.0 Authentication with Azure Active Directory.
 |
 |
Option | Description |
|---|---|
OAuth 2 Flow | Sets the OAuth 2.0 method to use. |
Client Identification | An alphanumeric string used to identify the client. |
Client Secret | The secret string the client will use. |
Resource | (For Azure only) The App ID URI of the web service. ImportantMicrosoft identity platform v2.0 does not support this parameter. |
Access Token URL | The URL to get an access token from. |
Apply Client JWT Assertion | Select if you need to include JSON Web Token (JWT) assertion to the authorization request. |
JWT Assertion | Is available if you selected Apply Client JWT Assertion. Specifies the JSON Web Token (JWT) that will be included in the authorization request as a JWT assertion. You can specify it manually or generate it. |
Generate JWT | Is available if you selected Apply Client JWT Assertion. Click it to generate a JSON Web Token. The generated token will be written to the JWT Assertion field. See Generating JSON Web Token. |
Scope | The full scope string defining the requested permissions. |
Use Nonce | Select to generate a unique string for each request. It allows the server to verify that a request has never been made before and helps prevent replay attacks. |
Use Authorization Header | Select to send client credentials in the request header. Otherwise, the credentials are sent in the request body. |
Get Access Token | Click this button to retrieve the access token. |
Automation | Click this button to open the Automated Token Profile editor. |