Skip to main content

Password flow

Create an access token by logging in with a valid username and password. The access token expires at 3:00 AM ET and is not prolonged with every usage. In the most common scenario this is the first method to be called at the application start. The POST parameters are:

    -X POST
--header 'Accept: application/json'
--header 'Content-Type: application/x-www-form-urlencoded'
-d 'grant_type=password&client_id={client_id}&client_secret={your_client_secret}&username={username}&password={password}'
'https://auth.lime.co/connect/token'

Response example

{
"scope": "email profile",
"token_type": "Bearer",
"access_token": "MjAwOTg1OWUtZTUwMy00YzY4LWEyZWQtODU0N2NkZTJiNDdlfDIwMTcxMDA3MTkyNDQzfHRlc3R8U2VyZ2V5fE1pbmtvdg==",
"expires_in": 28800
}

Request

parameterdescription
grant_typeRequired. This is the OAuth authorization flow to use. password in this case.
client_idRequired. The client id issued to the service
client_secretRequired. The client secret issued to the service
usernameRequired with password grant type.
passwordRequired with password grant type.

Response

nametypedescription
access_tokenstringThe access token
scopestringThe scopes this token grants access to
token_typestringBearer means that the access token should be put to the Authorization header of every web request
expires_innumberThe expiration lifetime in seconds