All pages
Powered by GitBook
1 of 1

Loading...

Obtaining an Access Token

Getting API Access

To enable access to Corastone from the application you are integrating:

  1. Concatenate your Corastone clientId and clientSecret as follows:

clientId:clientSecret

  1. Base64 encode the resulting string.

  2. Call the token endpoint (POST <AuthURL>/oauth2/token) as follows:

    1. Use the header to pass in the base64 encoded string: Authorization: Basic <encoded_string>

    2. Provide the necessary scope. The description of each endpoint specifies the associated scope.

    Here's an example of a scope submission: {“grant_type”: “client_credentials”, “scope”: “createSubscription remediateSubscription cancelSubscription confirmCompleting manageServiceProviders readExclusivityOptions manageExclusivityOptions readNAV readSubscription readIssuance readInvestor readAccount readLedger readTransactionData manageExternalClients manageTrade readTrade manageReferenceData manageOrgs readOrgs readIssuanceClose readIssuanceClose completeOffering createIdBooking manageIdBooking readErrors manageErrors readSequencer readIssuingLegalEntity "}

  3. Use the issued token as the bearer token in the call to functional APIs.