Authorization

To call GlobaliD's API, you will need to get an access token.
Prerequisites
This document assumes you have created a Developer App.
User Access Token
Once you have an authorization code (e.g., from a user logging in via a Connect URL), you can exchange it for an access token via authorization code grant with our authorization server.
curl --request POST \
  --url https://api.global.id/v1/auth/token \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --data grant_type=authorization_code \
  --data client_id={{client_id}} \
  --data client_secret={{client_secret}} \
  --data redirect_uri={{redirect_uri}} \
  --data code={{code}}
You will get a response with a JSON payload containing an access_token.
{
  "access_token": "...",
  "id_token": "...",
  "expires_in": 28799,
  "scope": "public",
  "token_type": "bearer"
}
App Access Token
In some cases (accessing PII), you will need to retrieve an access token for your application using the client credentials grant.
curl --request POST \
  --url https://api.global.id/v1/auth/token \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --data grant_type=client_credentials \
  --data client_id={{client_id}} \
  --data client_secret={{client_secret}}
You will get a response with a JSON payload containing an access_token.
{
  "access_token": "...",
  "expires_in": 28799,
  "scope": "public",
  "token_type": "bearer"
}
Next Steps
Once you have an access token, you're ready to start calling our API with the access_token as the bearer token.
​Attestations​
​Consent​
​Identity​
​PII​

Last modified 8mo ago