Training: Generating Access Tokens using the M2M Client

Romanworks will use M2M Application Client-generated Access Tokens to interact with Yonomi Platform. Access Tokens generated using M2M Application Clients require use of the OAuth2.0 Client Credentials grant type to obtain tokens. This grant type flow is a server-to-server flow, where no user authentication is involved in the process. Access tokens generated using this grant type will not represent user identity, but instead contain a Client ID as the subject claim. At a high level, the flow has the following steps:

• The Client makes a POST request to the OAuth server
• The OAuth server issues the Access Token immediately and responds to the client

This training will not focus on OAuth2.0 specifics – more on the OAuth2.0 Client Credentials grant type is available online.

The Postman training collection is already set up to make it easy to obtain M2M Access Tokens. To obtain an access token:

1. Open the Training collection in Postman
2. Click on the Romanworks (PACS Partner) API Operations collection to open it
3. Click on the Authorization tab. Scroll the pane and notice the values are populated with variables.
4. Click on the Variables tab to see the variables and representative values.
5. Replace the following values with values from the Dev Resource Group created earlier in training:

• yp_m2m_client_id – This value is listed as Client ID in the M2M Token Detail created earlier
• yp_m2m_client_secret – This value is listed as Client Secret in the M2M Token Detail created earlier

6. Click the Save button to save the collection.

7. Return to the Authorization tab and scroll to the bottom of the screen

8. Click the Clear cookies button to ensure there are no credentials cached

9. Click the Get New Access Token button. This will launch a browser window that we’ll use to login and generate our token

10. Upon success, an access token will be generated and captured in Postman. Click the Use Token button to allow Postman to use this credential in API requests.

Important: Note that these tokens expire within 10 minutes. To obtain a new token, follow the steps above but instead of creating a new account, simply log in with previously created credentials.