This page explains the way to get the access token using OAuth2 authorization code grant type.
You can get the access token of EnerTalk user safely for your app to use EnerTalk API.
Details are following.

Step 0. Prerequisite

Before getting the token, you should create App first in CreateApp Menu.

0.1. Create App

You need “redirect url” and “app name” to create app
* redirect url: After authorization check is done, server redirect the client(browser) to “redirect url” with code value as query string, which is used to request token.

Endpoint

This is host name for all following REST APIs.

https://auth.enertalk.com

Step 1. Request Authorization Code

After sending the below request, EnerTalk auth server shows you sign-in page. And if sign-up or sign-in is successful, you can get the code value.

Request

Method: GET
URI: /authorization
Headers:

  • Content-Type: application/json

Query String:

Name Required Description Note
client_id YES Given Client ID
response_type YES “code” fixed value
redirect_uri YES registered redirect uri URL encoded value

Example:

https://auth.enertalk.com/authorization?client_id=abcdedf123456&response_type=code&redirect_uri=http://localhost:8080/callback

Response

Actually, you can see the login page. After authorization approval(in Step3), you can get “code” on redirect URl which you registered on CreateApp menu. you can use code for requesting access token
Example:

http://localhost:8080/callback?code=b05bb5739321c67c53dedf9229a40c6a582f43b3307e43f81bdf0bb829d8a123

Step 2. Sign in (if user already reistered) or sign up

2.1. End User has account of EnerTalk

Input registered Id and Password. If you forgot the password, click “reset password link”

Enertalk Login Page
Enertalk Login Page

2.1. End User is new

Move to “Sign up” Page and create your account

Step 3. Authorization Approval

Authorization Page is popped up. In this page, user can click allow or deny button.
If user select allow button, client page is moved to redirect url with code. You can use the code value in next step to get request access token.

?code=0238f64124a90c673bb5dd3491a0699d259f45293f0

If user select deny button, page is moved to redirect url with error code like following. you have to handle this error code.

?error=access_denied&error_description=User%20denied%20the%20access%20to%20the%20resource

Step 4. Request Access Token

Now, you have the code. By using following api with code value, you can get the access token.

Request

Method: POST
URI: /token
Headers:

  • Content-Type: application/json

Body Parameter:

Name Required Description Note
client_id YES Given Client ID
client_secret YES Given Client Secret
grant_type YES “authorization_code” fixed value
code YES recieved code

Example

curl -X POST -H "Content-Type: application/json" 
        -d '{ "client_id": "abcdedf123456", "client_secret": "adszcxkX1293X", "grant_type": "authorization_code", "code": "b05bb5739321c67c53dedf9229a40c6a582f43b3307e43f81bdf0bb829d8a123" }' 
        "https://auth.enertalk.com/token"

Response

If the code is valid, you can get the access token and refresh token

Name Required Description Note
token_type YES “bearer” fixed value
access_token YES access token
refresh_token YES refresh token used when access token is expired
expires_in YES token is valid in this time seconds

Examples:

{
  "token_type": "bearer",
  "refresh_token": "9d179b87655fcac4ac6b85aa5130553dbbe59c6f973d53ed496650f2d221198a7569",
  "access_token": "20075d2b78110775afe5c43f227e5569881200b00138984e3e6ca3a48d1f2fe9a77f1f",
  "expires_in": 21600
}

STEP 5. Refresh token

When access token is expired, you can get new access token using refresh token.

Header

Field Type Description
Authorization String Basic Auth
Basic base64 encoded ‘clientId:clientSecret’
example) Basic eW91ckNsaWVudElkOnlvdXJDbGllbnRTZWNyZXQ=
Content-Type String appliaction/json

Request

Method: POST URI: /token

Name Required Description Note
grant_type YES refresh_token
refresh_token YES refresh token received when you request access token before

Examples:

curl -X POST -H "Authorization: Basic Y2xpZW50SWQ6Y2xpZW50U2VjcmV0" 
     -H "Content-Type: application/json" 
     -d '{"grant_type":"refresh_token", "refresh_token": "7dd90d21e8550923"}' 
     "https://auth.enertalk.com/token"

Response

When the request is correct, you can receive the response like following.
Parameter

Name Required Description Note
token_type YES bearer fixed value
access_token YES new access_token
refresh_token YES new refresh_token
expires_in YES expiration time second

Examples:

{
  "token_type": "bearer",
  "access_token": "20075d2b78110775afe5c43f227e5569881",
  "refresh_token": "9d179b87655fcac4ac6b85aa5130553dbb",
  "expires_in": 21600
}