Table of Contents |
---|
...
To achieve fine grained access control, your access token needs to be decorated with a set of scopes. The scopes are requested when an access token is requested. The table below describes the different scopes that are supported and can be requested, provided to client.
Scope | Description |
---|---|
| Grants access to |
| Grants access to |
| Grants access to |
Retrieve access token
Before you begin, you need to base64 encode your clientId and clientSecret which your QMATIC representative will provide you with.
...
This curl command exemplifies the retrieval of an access token.
Code Block |
---|
curl -H "Authorization: Basic ${BASIC_AUTH}" |
...
\ -H "Content-Type: application/x-www-form-urlencoded" |
...
\ -H "X-ACCOUNT: ${ACCOUNT_NAME}" |
...
\ -d "grant_type=client_credentials&scope=${SCOPES}" |
...
\ -X POST https://api.eu-west-1.qmatic.io/oauth2/token |
${SCOPES} must be space-separated if multiple scopes are requested. ${ACCOUNT_NAME} should be replaced by the name of your QMATIC account in lowercase with any spaces
stripped off.
...
curl POST 'https://[SUBDOMAIN]/oauth2/token' \
--header 'X-ACCOUNT: [system name without spaces, lowercased]
--header 'Authorization: Basic N21yNzJlbjdxc2lrZG8zNjFkbnU4MGFnc3E6MTNoOGY4aWVldHE5Zjhyamczam92YzVzbzhqcWpmc3JzM2k3MjFyYXEydWgyNWJiZ2VkcQ==' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'scope=com.qmatic.saas.appointments/external.appointment.book' \
--data-urlencode 'x-account=system name without spaces, lowercased'