Cloud Management API 1.5




Perform an OAuth 2.0 token_refresh operation to obtain an access token that can be used in lieu of an API session cookie. (In other words, creates a session using OAuth 2.0).

Note that an API-Version header is required with your request, and that the server may respond with a 301 Moved Permanently if you include an account_id parameter and your account is hosted in another RightScale cluster.

The request parameters and response format are all as per the OAuth 2.0 Internet Draft standard v23. In brief: - Successful responses include an access token, an expires-in timestamp, and a token type - The token type is always "bearer" - To use a bearer token, include header "Authorization: Bearer " with your API requests - The client must refresh the access token before it expires

# Example Request using Curl (with prettified response):
curl -i -H X-API-Version:1.5 -x POST -d "grant_type=refresh_token" -d "refresh_token=abcd1234deadbeef"

  "access_token": "xyzzy",
  "expires_in":   3600,
  "token_type":   "bearer"

POST /api/oauth2/
HTTP response code
200 OK


name required type values regexp blank? description
account_id no Integer * * no The client's account ID (only needed for instance agent clients).
client_id no String * * no The client ID (only needed for confidential clients).
client_secret no String * * no The client secret (only needed for confidential clients).
grant_type yes String refresh_token * no Type of grant.
r_s_version no Integer * * no The RightAgent protocol version the client conforms to (only needed for instance agent clients).
refresh_token no String * * no The refresh token obtained from OAuth grant.
right_link_version no String * ^\d+\.\d+(\.\d+)*$ no The RightLink gem version the client conforms to (only needed for instance agent clients).