LEAF API Website - Token Exchange

Request Parameters

Parameter	Name	Type	Description
grant_type	Grant Type	Enumeration
code	Code	String (Optional)	An access token used with "authorization_code" grant
refresh_token	Refresh Token	String (Optional)	Field to be used with existing refresh_token grant
redirect_uri	Redirect URI	String (Optional)	Used for "authorization_code" grant as this is the realm of the stored token.
client_id	Client ID	String
client_secret	Client Secret	String

Response Parameters

Parameter	Name	Type	Description
access_token	Access Token	String (Optional)	The user's bearer token.
token_type	Token Type	Enumeration (Optional)
expires_in	Expires In	Number (Optional)	The lifetime of the token in seconds
refresh_token	Refresh Token	String (Optional)	Another exchange token that can be used to obtain a new bearer token
scope	Scope	String (Optional)	The roles assigned to the token
error	Error	String (Optional)
error_description	Error Description	String (Optional)
error_uri	Error URI	String (Optional)
id_token	ID Token	String (Optional)

Grant Type (Request)

Value	Description
authorization_code	Authorization Code
refresh_token	Refresh Token

Token Type (Response)

Value	Description
Bearer	Bearer

Request Schema

<?xml version="1.0" encoding="utf-8"?>
<xsd:schema elementFormDefault="qualified" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <xsd:element name="submitToken">
    <xsd:complexType>
      <xsd:sequence>
        <xsd:element name="grant_type">
          <xsd:simpleType>
            <xsd:restriction base="xsd:string">
              <xsd:enumeration value="authorization_code">
                <xsd:annotation>
                  <xsd:documentation>Authorization Code</xsd:documentation>
                </xsd:annotation>
              </xsd:enumeration>
              <xsd:enumeration value="refresh_token">
                <xsd:annotation>
                  <xsd:documentation>Refresh Token</xsd:documentation>
                </xsd:annotation>
              </xsd:enumeration>
            </xsd:restriction>
          </xsd:simpleType>
        </xsd:element>
        <xsd:element name="code" minOccurs="0" type="xsd:string">
          <xsd:annotation>
            <xsd:documentation>An access token used with "authorization_code" grant</xsd:documentation>
          </xsd:annotation>
        </xsd:element>
        <xsd:element name="refresh_token" minOccurs="0" type="xsd:string">
          <xsd:annotation>
            <xsd:documentation>Field to be used with existing refresh_token grant</xsd:documentation>
          </xsd:annotation>
        </xsd:element>
        <xsd:element name="redirect_uri" minOccurs="0" type="xsd:string">
          <xsd:annotation>
            <xsd:documentation>Used for "authorization_code" grant as this is the realm of the stored token.</xsd:documentation>
          </xsd:annotation>
        </xsd:element>
        <xsd:element name="client_id" type="xsd:string" />
        <xsd:element name="client_secret" type="xsd:string" />
      </xsd:sequence>
    </xsd:complexType>
  </xsd:element>
</xsd:schema>

Example Request

POST https://api.leaf.eco/r1/openid/token.eb HTTP/1.1
Accept: text/xml
Content-Type: text/xml; charset=utf-8

		<?xml version="1.0" encoding="utf-8"?>
<submitToken>
  <grant_type>xsd:string</grant_type>
  <code>xsd:string</code>
  <refresh_token>xsd:string</refresh_token>
  <redirect_uri>xsd:string</redirect_uri>
  <client_id>xsd:string</client_id>
  <client_secret>xsd:string</client_secret>
</submitToken>

Response Schema

<?xml version="1.0" encoding="utf-8"?>
<xsd:schema elementFormDefault="qualified" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <xsd:element name="exchange">
    <xsd:complexType>
      <xsd:sequence>
        <xsd:element name="access_token" minOccurs="0" type="xsd:string">
          <xsd:annotation>
            <xsd:documentation>The user's bearer token.</xsd:documentation>
          </xsd:annotation>
        </xsd:element>
        <xsd:element name="token_type" minOccurs="0">
          <xsd:simpleType>
            <xsd:restriction base="xsd:string">
              <xsd:enumeration value="Bearer" />
            </xsd:restriction>
          </xsd:simpleType>
        </xsd:element>
        <xsd:element name="expires_in" minOccurs="0" type="xsd:double">
          <xsd:annotation>
            <xsd:documentation>The lifetime of the token in seconds</xsd:documentation>
          </xsd:annotation>
        </xsd:element>
        <xsd:element name="refresh_token" minOccurs="0" type="xsd:string">
          <xsd:annotation>
            <xsd:documentation>Another exchange token that can be used to obtain a new bearer token</xsd:documentation>
          </xsd:annotation>
        </xsd:element>
        <xsd:element name="scope" minOccurs="0" type="xsd:string">
          <xsd:annotation>
            <xsd:documentation>The roles assigned to the token</xsd:documentation>
          </xsd:annotation>
        </xsd:element>
        <xsd:element name="error" minOccurs="0" type="xsd:string" />
        <xsd:element name="error_description" minOccurs="0" type="xsd:string" />
        <xsd:element name="error_uri" minOccurs="0" type="xsd:string" />
        <xsd:element name="id_token" minOccurs="0" type="xsd:string" />
      </xsd:sequence>
    </xsd:complexType>
  </xsd:element>
</xsd:schema>

Example Response

HTTP/1.1 200 OK
Content-Type: text/xml

<?xml version="1.0" encoding="utf-8"?>
<exchange>
  <access_token>xsd:string</access_token>
  <token_type>xsd:string</token_type>
  <expires_in>xsd:double</expires_in>
  <refresh_token>xsd:string</refresh_token>
  <scope>xsd:string</scope>
  <error>xsd:string</error>
  <error_description>xsd:string</error_description>
  <error_uri>xsd:string</error_uri>
  <id_token>xsd:string</id_token>
</exchange>

Download full schema

Example Request

POST https://api.leaf.eco/r1/openid/token.eb HTTP/1.1
Accept: application/json
Content-Type: application/json; charset=utf-8

		{"grant_type":String,
  "code":String,
  "refresh_token":String,
  "redirect_uri":String,
  "client_id":String,
  "client_secret":String}

Example Response

HTTP/1.1 200 OK
Content-Type: application/json

{"access_token":String,
  "token_type":String,
  "expires_in":Number,
  "refresh_token":String,
  "scope":String,
  "error":String,
  "error_description":String,
  "error_uri":String,
  "id_token":String}

Status and Error Codes

HTTP Status	Error Code	Description
400	DataError:client_id:RequiredRule
400	DataError:client_secret:RequiredRule
400	DataError:grant_type:RequiredRule	You must select an option.

Grant Type*

Code

An access token used with "authorization_code" grant

Refresh Token

Field to be used with existing refresh_token grant

Redirect URI

Used for "authorization_code" grant as this is the realm of the stored token.

Client ID*

Client Secret*

Obtain bearer token POST

Parameters

Request Parameters

Response Parameters

Enumerations

Grant Type (Request)

Token Type (Response)

XML

Request Schema

Example Request

Response Schema

Example Response

JSON

Example Request

Example Response

Status Codes

Status and Error Codes

Test