While implementing OAuth, our client is accepting client_id and client_secret in 64-bit encoded format. We can’t do this in the Freshworks OAuth framework, so we asked the client to change their OAuth configuration to do this. They asked for examples of OAuth requests and responses. Can anybody share this?
Our platform follows RFC 6749 of OAuth Standard - RFC 6749: The OAuth 2.0 Authorization Framework
While there are a bunch of requests/response cycles that happen along the token exchange mechanism, I will pick a few that I presume would help you (more can be found in the same document) —
Access Token Request
For example, the client makes the following HTTP request using TLS
(with extra line breaks for display purposes only):

    POST /token HTTP/1.1
    Host: server.example.com
    Authorization: Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW
    Content-Type: application/x-www-form-urlencoded

    grant_type=authorization_code&code=SplxlOBeZQQYbYS6WxSbIA
    &redirect_uri=https%3A%2F%2Fclient%2Eexample%2Ecom%2Fcb

Access Token Response
An example successful response:

    HTTP/1.1 200 OK
    Content-Type: application/json;charset=UTF-8
    Cache-Control: no-store
    Pragma: no-cache

    {
      "access_token":"2YotnFZFEjr1zCsicMWpAA",
      "token_type":"example",
      "expires_in":3600,
      "refresh_token":"tGzv3JOkF0XG5Qx2TlKWIA",
      "example_parameter":"example_value"
    }

These snippets are cherry-picked from the above document. Please read the scenarios carefully from the standard RFC.
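
Added example, not part of the original answer and not Freshworks code: the `Authorization: Basic` value in the request above is the Base64 form of `client_id:client_secret` described in RFC 6749 section 2.3.1. This Python sketch builds that header, parses it back the way a token endpoint would, and renders the full token request; the function names are illustrative assumptions.

```python
import base64
import binascii
from urllib.parse import quote_plus, unquote_plus, urlencode


def basic_auth_header(client_id, client_secret):
    """Build the Authorization value per RFC 6749 section 2.3.1."""
    # Form-urlencode each part first so a ':' inside either value
    # cannot be confused with the separator.
    pair = f"{quote_plus(client_id)}:{quote_plus(client_secret)}"
    return "Basic " + base64.b64encode(pair.encode("utf-8")).decode("ascii")


def parse_basic_auth_header(value):
    """Server side: recover (client_id, client_secret) or raise ValueError."""
    scheme, _, token = value.partition(" ")
    if scheme.lower() != "basic" or not token:
        raise ValueError("not a Basic credential")
    try:
        pair = base64.b64decode(token.strip(), validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError) as exc:
        raise ValueError("malformed Base64 credential") from exc
    client_id, sep, client_secret = pair.partition(":")
    if not sep:
        raise ValueError("missing ':' separator")
    return unquote_plus(client_id), unquote_plus(client_secret)


def token_request(client_id, client_secret, code, redirect_uri):
    """Render the authorization_code token request as sent on the wire."""
    body = urlencode({"grant_type": "authorization_code",
                      "code": code, "redirect_uri": redirect_uri})
    return ("POST /token HTTP/1.1\r\n"
            "Host: server.example.com\r\n"
            f"Authorization: {basic_auth_header(client_id, client_secret)}\r\n"
            "Content-Type: application/x-www-form-urlencoded\r\n"
            f"Content-Length: {len(body)}\r\n"
            "\r\n" + body)


if __name__ == "__main__":
    # Decoding the header quoted in the request above gives the RFC's
    # sample client_id and client_secret.
    print(parse_basic_auth_header("Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW"))
    print(token_request("s6BhdRkqt3", "gX1fBat3bV", "SplxlOBeZQQYbYS6WxSbIA",
                        "https://client.example.com/cb"))
```

Base64 here is an encoding, not encryption, so the header is only protected by the TLS connection the request is sent over.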