Description
It’s an authentication method that prevents having to ask the user for the password time and time again. This way, a user who’s logged in to your-website.com doesn’t have to log in again to another-website.com.
This is done by using cookies. As the main authentication mechanism is OAuth2, a way of exchanging the shared session (the session cookies) for an access_token is required.
This is achieved through a POST to the authorization endpoint, using the parameter grant_type=urn:com.druid:oauth2:grant_type:exchange_session and sending all the cookies from the user’s browser.
Once the access_token has been obtained, it’s no longer necessary to start the authorization process and the APIs can be accessed immediately.
Endpoint URL:
POST https://{your-endpoint-domain.com}/oauth2/token
Request parameters
Parameter | Description | Type |
grant_type | The value must be set to urn:com.druid:oauth2:grant_type:exchange_session | string |
client_id | Identifier of the client application. | string |
client_secret | Secret of the client application. | string |
oauth_token | The user token to be exchanged | string |