Developer Docs
Search
K

Authorization

To call GlobaliD's API, you will need to get an access token.

Prerequisites

This document assumes you have created a Developer App.

User Access Token

Once you have an authorization code (e.g., from a user logging in via a Connect URL), you can exchange it for an access token via authorization code grant with our authorization server.
curl --request POST \
--url https://api.global.id/v1/auth/token \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data grant_type=authorization_code \
--data client_id={{client_id}} \
--data client_secret={{client_secret}} \
--data redirect_uri={{redirect_uri}} \
--data code={{code}}
You will get a response with a JSON payload containing an access_token.
{
"access_token": "...",
"id_token": "...",
"expires_in": 28799,
"scope": "public",
"token_type": "bearer"
}

App Access Token

In some cases (accessing PII), you will need to retrieve an access token for your application using the client credentials grant.
curl --request POST \
--url https://api.global.id/v1/auth/token \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data grant_type=client_credentials \
--data client_id={{client_id}} \
--data client_secret={{client_secret}}
You will get a response with a JSON payload containing an access_token.
{
"access_token": "...",
"expires_in": 28799,
"scope": "public",
"token_type": "bearer"
}

Next Steps

Once you have an access token, you're ready to start calling our API with the access_token as the bearer token.