Privicore
  1. OAuth Application
Privicore
  • Privicore API
  • Utility
    • Utility
    • Check server health
      GET
    • Request command id status
      GET
  • Profile
    • Profile Model and Authentication Workflow
    • Register new profile
      POST
    • Authenticate
      POST
    • Retrieve profile id
      GET
    • Change password
      POST
    • Generate qr token for authorization
      POST
    • Reauthorize authorization token
      POST
    • Revoke authorization token
      POST
    • Retrieve token expiry
      POST
  • OAuth Application
    • OAuth Application Management
    • Register OAuth Application
      POST
    • Retrieve OAuth app configuration
      POST
    • Request OAuth app authorization code
      GET
    • Retrieve OAuth app authorization code
      POST
    • Obtain OAuth app access token
      POST
    • OAuth application list
      GET
    • Retrieve OAuth application scope
      GET
    • Refresh OAuth app access token
      POST
  • Public key
    • Public and Private Key Management
    • Generate your private and public keys
      GET
    • Register public key
      POST
    • Retrieve public key
      GET
    • Retrieve CAB public key
      GET
  • Data Token
    • Data Token Management
    • Reserve token space
    • Retrieve temporary data token
    • Exchange data for token
    • Upstream file via stream auth
    • Request data via token
    • Download data
    • Configure information security risk meta
    • Configure file meta
    • List data tokens
    • Update data token
    • Delete data
  • Device
    • Device Management
    • Request unique identifier (i.e. Register new device)
    • Retrieve unique identifier
    • Retrieve profile devices
    • Configure device meta
    • Approve device
    • Reject device
    • Retrieve device configuration
    • Remove device
  • Storage
    • Storage Device Management
    • Register storage device
    • List storage devices
    • Synchronize device
    • Remove storage
  • Verified authenticator
    • Authenticator and Voting Management
    • Register authenticator
    • List verified authenticators
    • Retrieve voting strategy
    • Set quorum size
    • Set quorum strategy
    • Set voting time limit
    • Set maximum voting attempts
    • Remove authenticator
    • Register voting configuration
    • Update voting configuration
    • List voting configurations
    • Retrieve voting configuration
  • Policy
    • List policy templates
    • Register policy
    • List active policies
    • List inactive policies
    • Activate policy
    • Deactivate policy
    • Delete policy
    • List registered policies
    • Retrieve registered policy
  • Directory
    • Register Directory
    • Retrieve owned Directories
    • Retrieve assigned directories
    • Retrieve Directory
    • Create Directory User
    • Update user information
    • Invite Profile
    • Set profile password
    • List Directory Invites
    • Process Invitation
    • Retrieve directory profile
    • List directory users
    • Directory profiles info
    • Create profile device
    • Add storage device to profile
    • List directory devices
    • Create directory voting pool
    • Store directory meta information
  • Voting
    • Create voting
    • Check pool status
  • Schemas
    • Response
      • CommandAccepted
      • Unauthorized
      • ValidationErrors
    • Schemas
    • profileId
    • deviceIdentifier
    • directoryId
    • directoryName
    • directoryShortName
    • givenName
    • familyName
    • createdAt
    • meta
  1. OAuth Application

Obtain OAuth app access token

POST
/oauth-application/obtain-access-token

Obtain OAuth Application Access Token#

Overview#

Exchange an authorization code for an access token that the OAuth Application can use to perform actions on behalf of the profile.

Obtain OAuth Application Access Token#

Endpoint: POST /oauth-application/obtain-access-token
Authentication: Required (Basic authentication using authorization code)
Header:
Authorization: Basic {oauth_authorization_code}

Request Parameters#

ParameterTypeRequiredDescription
authorization_codestringYesThe authorization code obtained from the previous step

Response Fields#

FieldDescription
clientIdThe OAuth Application's client ID
tokenThe access token for authenticated requests
refreshTokenToken used to obtain a new access token when the current one expires
typeToken type (typically "bearer")
scopePermissions granted to this token
expiresAtISO 8601 timestamp when the access token expires
refreshTokenExpiresAtISO 8601 timestamp when the refresh token expires

Use Case#

This endpoint completes the OAuth flow by exchanging the short-lived authorization code for a longer-lived access token. The access token allows the OAuth Application to act on behalf of the profile within the defined scope. The refresh token enables obtaining new access tokens without requiring user re-authorization.
Store both the token and refreshToken securely
The authorization code can only be used once
Use the refresh token to obtain new access tokens before expiration

Request

Header Params

Body Params application/x-www-form-urlencoded

Request Code Samples

Shell
JavaScript
Java
Swift
Go
PHP
Python
HTTP
C
C#
Objective-C
Ruby
OCaml
Dart
R
Request Request Example
Shell
JavaScript
Java
Swift
curl --location --request POST 'https://sandbox.privicore.com:9009/oauth-application/obtain-access-token' \
--header 'Authorization;' \
--data-urlencode 'authorization_code='

Responses

🟢200Success
application/json
OK
Body

Example
{
    "clientId": "example_client_id",
    "token": "example_access_token",
    "refreshToken": "example_refresh_token",
    "type": "bearer",
    "scope": "all",
    "expiresAt": "2025-02-10T10:03:06+00:00",
    "refreshTokenExpiresAt": "2025-02-10T10:03:06+00:00"
}
🟠401401
🟠403403
🟠404404
🟠422422
Modified at 2025-12-09 10:40:09
Previous
Retrieve OAuth app authorization code
Next
OAuth application list
Built with