Getting API Access
To enable access to Corastone from the application you are integrating:
Concatenate your Corastone clientId and clientSecret as follows:
clientId:clientSecret
Base64 encode the resulting string.
Call the token endpoint (POST <AuthURL>/oauth2/token) as follows:
Use the header to pass in the base64 encoded string: Authorization: Basic <encoded_string>
Provide the necessary scope. The description of each endpoint specifies the associated scope.
Here's an example of a scope submission:
{“grant_type”: “client_credentials”, “scope”: “createSubscription remediateSubscription cancelSubscription confirmCompleting manageServiceProviders readExclusivityOptions manageExclusivityOptions readNAV readSubscription readIssuance readInvestor readAccount readLedger readTransactionData manageExternalClients manageTrade readTrade manageReferenceData manageOrgs readOrgs readIssuanceClose readIssuanceClose completeOffering createIdBooking manageIdBooking readErrors manageErrors readSequencer readIssuingLegalEntity "}
Use the issued token as the bearer token in the call to functional APIs.