POST /app/oauth/token

URL requires a header and body with the following format:

Header:

{
  "username": *username,
  "password": *user password,
  "Content-Type": "application/json"
}

Body:

{
  "grant_type": "password",
  "client_id": *clientID,
  "rkey": "",
  "timestamp": 0
}

NOTE: rkey is a random key of characters and can be used as your identifier. timestamp is an integer of current epoch time. All values are required.

Response JSON Body:

{
	"access_token": *authToken,
	"token_type": "bearer",
	"expires_in": 86000
}

NOTE: expires_in is measured in seconds (86000 ~ 1 day)

Code Example

Python example to fetch an access Token.

# Python 3.9.2 or above
# API_Get_Token.py
#
# Retrieve Access token needed to utilize API.
#
# Copyright (c) 2021-2023 Engineering Design Group, LLC. You have permission to use this.
#
# <variable_name> represents value specific to user

import time
import requests
import json
import getpass

def getToken(username, password, clientId):

    #baseUrl points to the address of EDG's API
    baseUrl = "<https://iot.edglab.com>" #address of EDG API
    endpointAddress = "/app/oauth/token" #access token endpoint address

    accessTokenUrl = baseUrl + endpointAddress #complete URL for POST request

    #create header and body to send to API
    authHeader={
        "username": username,
        "password": password,
        "Content-Type": "application/json"
    }

    authBody={
        "grant_type": "password",
        "client_id": clientId,
        "rkey": "",
        "timestamp": 0
    }
    #note: client_id value is supplied by EDG

    ts = int(time.time())
    authBody['rkey'] = "my-"+ str(ts) +"-key"
    authBody['timestamp'] = ts
    #including timestamp in rkey helps user token display time issued
    #this is useful, but not required

    #retrieve token from API using a POST request
    tokenResponse = requests.post(accessTokenUrl,
                                headers = authHeader,
                                data = json.dumps(authBody),
                                verify = True)

    #display API response code
    print("Access Token: ", tokenResponse)

    appToken = tokenResponse.json()
    accessToken = appToken['access_token']
    return accessToken

def main():
    # best security practices: USERNAME and PASSWORD are inputs
    # PASSWORD input uses a hidden input prompt
    USERNAME = input("Username: ")
    PASSWD_STRING = getpass.getpass(prompt='Password: ') # Prompts user for password
    # A CLIENT_ID available for testing for a limited time
    CLIENT_ID = "3777217A2BCDE467412EXAMPLEFORTESTING4E635266556A5811649E3B70371C"
    print("Retrieving access token...")
    access_token = getToken(USERNAME, PASSWD_STRING, CLIENT_ID)
    print("Token: %s" %access_token)

if __name__ == "__main__":
    main()