Here is how to get access(Reference).
1.Register your oauth application using dynamic client registration API
curl -X POST -H "Authorization: Basic YWRtaW46YWRtaW4=" -H "Content-Type: application/json" -d @payload.json http://localhost:9763/client-registration/v0.9/register
Sample payload:
{
"callbackUrl": "www.google.lk",
"clientName": "rest_api_store",
"tokenScope": "Production",
"owner": "admin",
"grantType": "password refresh_token",
"saasApp": true
}
Here it uses basic auth.You need to provide base 64 encoded username:password(eg: admin:admin) in the Authrization header.
Sample response.
{
"callBackURL": "www.google.lk",
"jsonString":
"{
"username":"admin",
"redirect_uris":"www.google.lk",
"tokenScope":[Ljava.lang.String;@3a73796a,
"client_name":"admin_rest_api_store",
"grant_types":"authorization_code password refresh_token iwa:ntlm
urn:ietf:params:oauth:grant-type:saml2-bearer client_credentialsimplicit"
}",
"clientName": null,
"clientId": "HfEl1jJPdg5tbtrxhAwybN05QGoa",
"clientSecret": "l6c0aoLcWR3fwezHhc7XoGOht5Aa"
}
2.Use the token API to get the oauth access token
curl -k -d "grant_type=password&username=admin&password=admin&scope=apim:subscribe" -H "Authorization: Basic SGZFbDFqSlBkZzV0YnRyeGhBd3liTjA1UUdvYTpsNmMwYW9MY1dSM2Z3ZXpIaGM3WG9HT2h0NUFh" https://127.0.0.1:8243/toke
Here basic auth parameter is base 64 encoded clientId:ClientSecret
Now you have an access token to call store APIs