Obtain Access and Refresh Tokens Using User Identity

This endpoint generates a new access token and refresh token pair using the identity of the OAuth client and the user. To request tokens from this endpoint, make sure you meet the following requirements:

  • Have a registered and verified user account on Luxstay.
  • Have a registered and active OAuth application with Luxstay and have access to the provided Client ID and Client Secret.

This endpoint is intended for first-party applications, such as mobile applications and sub-systems managed by Luxstay, and for external applications that have a close relationship with Luxstay.

Endpoint

| Method | URI | Headers |
|--------|-----|---------|
| POST | /oauth/token/password | Accept: application/json |

Data Params

| Param | Description | Type | Required |
|-------|-------------|------|----------|
| grant_type | The authorization grant being used; must be password in this case | String | Yes |
| client_id | The UUID of the OAuth Client | String | Yes |
| client_secret | The secret key associated with the client | String | Yes |
| username | The username used for identity verification | String | Yes |
| password | The password associated with the user, used for identity verification | String | Yes |
| scope | The comma-separated list of token scopes | String | No |

Request & Response Examples

Successful Response

200

Example request

curl \
  --request POST \
  --url https://api.luxstay.com/oauth/token/password \
  --header 'Accept: application/json' \
  --form grant_type=password \
  --form client_id=5aadcf38-6f86-41e3-8601-4efe00c30d75 \
  --form client_secret=3SJnACEcDfT7UystEUlOpQR8qk692gm59lD5p5bf \
  --form username=example@gmail.com \
  --form password=123456

Example response

{
    "data": {
        "token_type": "Bearer",
        "expires_in": 432000,
        "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImp0aSI6ImM3ODVjOGNjYThkZjZmMjA0YTZiOWVhMDIzZDhkOTIyOWI3MzgxODIxM2VhNmNiMmI4MzJmZDg5YWY5MzlhMGY5MGI4ZjVhNTU2NTJiOWI1In0.eyJhdWQiOiIwMzE4YTU5Yy0zMmZkLTQ0ODMtOTQ4NC0xZWQ0YTQ4NmNkOGYiLCJqdGkiOiJjNzg1YzhjY2E4ZGY2ZjIwNGE2YjllYTAyM2Q4ZDkyMjliNzM4MTgyMTNlYTZjYjJiODMyZmQ4OWFmOTM5YTBmOTBiOGY1YTU1NjUyYjliNSIsImlhdCI6MTUzOTgzODY0NywibmJmIjoxNTM5ODM4NjQ3LCJleHAiOjE1NDAyNzA2NDcsInN1YiI6IjEwMTMwIiwic2NvcGVzIjpbXX0.L5QDT2SbwbjtFIA-PEg9fmVqV4HbWBSc4lR9Bl3LcQJrktJ87jqxPkGk0l1FzHSiuAxKf_1M_UhNWGdWkb5tDiIkr3Oz__19MOeFTZKwFHRFbzbV7TK7BTc3NAQoAKfw-QFy0zkC07WIr_EJMG_RW2FtSKfVRzA0g4sn8l3wH2ZOHjWldggGpkpgtrfpTNnhWsC261HkYHPMG3ODWswLCnHQzG_VklKGCvPxH_V68Q9CFucvyoDi8nczlEorKRnPuot6I69g8cA9wvDHpKtW7onmQetrvcSwmkgWvncdqVI2yOFRzoFVaPaQ1sj_IFLIbB2ZSwJvTUwL0kUktzsc9jrY4fdbvF6qHV1BOGMJQVobNN1t-kt0pccMBJwedRqJtbRaPiK9KOqZRkpryaCcBd-A2erqZKFUaZMUfQUYyj532oG7HWeiKWp4YSUuUkKxDiwyn0jzHBGQICJ48z2RUehdV51VfAyJxvZAsnR_ANdfmfRrmGGMdqunk1fz4-veGxn3rejcTy3iphWOMy96VChbvvS3pBUi5DQgofn24YYINYV2I2WWaqEgWP2pSB9LKqLO-GcDnza0QhCJ2UIZeYcbkwaFdmsj41onJ2-Vl2BnI-WSpU067zKQTnGkHEUWG3pPMslxB95Hflw8Rr5OzNLL69TsagnxaSyzqMdWPEw",
        "refresh_token": "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"
    }
}

Error Response

401

  • Reason: unsupported grant type

Example response

{
    "errors": {
        "error": "unsupported_grant_type",
        "message": "The authorization grant type is not supported by the authorization server.",
        "hint": "Check that all required parameters have been provided"
    }
}

  • Reason: invalid client information

Example response

{
    "message": "The provided client is invalid."
}

  • Reason: invalid user credentials (username and password)

Example response

{
    "errors": {
        "error": "invalid_credentials",
        "message": "The user credentials were incorrect."
    }
}

  • Reason: unknown scope

Example response

{
    "errors": {
        "error": "invalid_scope",
        "message": "The requested scope is invalid, unknown, or malformed",
        "hint": "Check the `test` scope"
    }
}

422

  • Reason: invalid client

Example response

{
    "message": "The given data was invalid.",
    "errors": {
        "client_id": [
            "The selected client id is invalid."
        ]
    }
}

  • Reason: missing client ID or client secret

Example response

{
    "message": "The given data was invalid.",
    "errors": {
        "client_id": [
            "The client id field is required."
        ],
        "client_secret": [
            "The client secret field is required."
        ]
    }
}

  • Reason: invalid scope

Example response

{
    "message": "The given data was invalid.",
    "errors": {
        "scope": [
            "The scope must be a string."
        ]
    }
}
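
The error bodies documented above come in three shapes: an OAuth error object, a bare message, and a per-field validation list. The Python client below is an added example, not Luxstay's own code, that requests tokens and normalizes those shapes. The `TokenError` class, the `LUXSTAY_CLIENT_ID` and `LUXSTAY_CLIENT_SECRET` environment variable names, and the URL-encoded form submission are assumptions of this example.

```python
import json
import os
import urllib.error
import urllib.parse
import urllib.request

TOKEN_URL = "https://api.luxstay.com/oauth/token/password"  # endpoint from the page

class TokenError(Exception):
    """Hypothetical error type: HTTP status plus a normalized code, never credentials."""
    def __init__(self, status, code, detail):
        super().__init__(f"{status} {code}: {detail}")
        self.status, self.code, self.detail = status, code, detail

def parse_token_response(status, body):
    """Return the token dict on 200; raise TokenError for each documented error shape."""
    doc = json.loads(body)
    if status == 200:
        data = doc.get("data") or {}
        if data.get("token_type") != "Bearer" or not data.get("access_token"):
            raise TokenError(status, "malformed_response", "no Bearer access token")
        return data
    errors = doc.get("errors") or {}
    if "error" in errors:  # OAuth error object: {"errors": {"error": ..., "message": ...}}
        raise TokenError(status, errors["error"], errors.get("message", ""))
    if errors:  # 422 validation: {"errors": {"<field>": ["<message>", ...]}}
        detail = "; ".join(f"{k}: {' '.join(v)}" for k, v in sorted(errors.items()))
        raise TokenError(status, "validation_failed", detail)
    raise TokenError(status, "client_rejected", doc.get("message", ""))  # bare message

def request_tokens(username, password, scope=None):
    """POST the password grant. Env variable names are assumptions of this example."""
    form = {
        "grant_type": "password",
        "client_id": os.environ["LUXSTAY_CLIENT_ID"],
        "client_secret": os.environ["LUXSTAY_CLIENT_SECRET"],
        "username": username,
        "password": password,
    }
    if scope:
        form["scope"] = ",".join(scope)  # the page specifies a comma-separated list
    # Assumption: the endpoint also accepts URL-encoded form bodies (the page uses curl --form).
    req = urllib.request.Request(TOKEN_URL, data=urllib.parse.urlencode(form).encode(),
                                 headers={"Accept": "application/json"}, method="POST")
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return parse_token_response(resp.status, resp.read())
    except urllib.error.HTTPError as err:  # 401 and 422 arrive here with a JSON body
        return parse_token_response(err.code, err.read())
```

Only the normalized code and the server's message reach the exception text, so logging a `TokenError` does not write the password or client secret to disk.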

Last Updated: 11/18/2018, 9:11:26 AM