Request a Token

Once you have an access key and signature, you can request a token using the token REST API. A typical request includes these elements:

URL

https://account.api.here.com/oauth2/token

HTTP Header

Content-Type: application/x-www-form-urlencoded
Authorization: OAuth
    oauth_consumer_key="<Access Key>",
    oauth_nonce="<Random string, uniquely generated for each request>",
    oauth_signature="<Signature>",
    oauth_signature_method="HMAC-SHA256",
    oauth_timestamp="<Epoch seconds>",
    oauth_version="1.0"

The parameters in the HTTP header are described in this table.

Parameter Description
oauth_consumer_key The access key ID for which you want to generate a token. To create an access key, go to Project Details on developer.here.com. In the credentials file that you download when you create an access key, the access key ID is the value in the here.access.key.id property.
oauth_nonce A unique string for this signature. The string cannot have been used in a previous signature. Each request to the Authentication and Authorization API must have a unique signature, and the value in this parameter is what is used to ensure the signature is unique.
oauth_signature An OAuth 1.0 HMAC-SHA256 signature.
oauth_signature_method Always use "HMAC-SHA256"
oauth_timestamp The number of seconds since the Unix epoch at the point the request is generated. Services reject requests created too far in the past or future.
oauth_version Always use "1.0"

Request Body

The request body must contain:

grant_type=client_credentials

The value for grant_type must always be client_credentials. Here is an example request:

POST /oauth2/token HTTP/1.1
    Host: account.api.here.com
    Authorization: OAuth oauth_consumer_key="1tqA_sample1fLhs2z6_q1l",oauth_signature_method="HMAC-SHA256",oauth_timestamp="1512072698",oauth_nonce="ZGAaMP",oauth_version="1.0",oauth_signature="Q0sample4lqICrx19%2F4ahaH%2Fi2O0NgqDUQJgti5U3Q%3D"
    Cache-Control: no-cache
    Content-Type: application/x-www-form-urlencoded

    grant_type=client_credentials

Response

The response body contains:

Parameter Description
access_token A token you can use to authenticate REST requests.
token_type The type of token issued by the Authentication and Authorization Service. This value is always "bearer" since the API issues bearer tokens.
expires_in The number of seconds until the token expires. Tokens expire 24 hours after they are issued.

Here is an example response:

{
    "access_token":"VE5URXlJbjAuLmE4S0l4eVpQVE1zbHRwcnQyZ1BSVGcuS3RHT2V...",
    "token_type":"bearer",
    "expires_in":86399
}

Now that you have a token, continue to Use Your Token.

results matching ""

    No results matching ""