Authorization Token

These are the steps to generate an authorization token programmatically to make requests to the CyraCom APIs.

Step 1: Obtain Credentials

Before you get started with the steps to generate an authorization token and make any API requests, you need to obtain the client_id and client_secrets for your organization from your CyraCom point of contact.

Step 2: Authorization Request

Our APIs uses the OAuth grant_type "password" more information about it can be found here.

The grant_type password requires the "username", "password" and for our purposes "scope" has to be passed in the body payload. Lastly, Authorization header is a must in the header.

The following URLs are used to make the post request and generate the bearer token:

Sandbox environment: https://id.cyracomstaging.com/oauth2/token

Production environment: https://id.cyracom.com/oauth2/token

Step 3: Generate Token

Make a Post request with the following parameters to either the Sandbox environment or the Production URL.

*Note: The username and password most likely won't be the same across environments

Header Parameters

Authorization: Set to Basic <base64 encoded "clientId:clientSecret">
Content-Type: Set to application/x-www-form-urlencoded

Request Parameters

grant_type: "password",
username: "this should be your CyraCom username for the account associated with video calling",
password: "this should be your CyraCom password for the account associated with video calling"
scope: "openid roles email profile"

Sample Response 200 OK

{

"access_token": "xx508xx63817x752xx74004x30705xx92x58349x5x78f5xx34xxxxx51",

"expires_in": 3600,

"id_token": "xx508xx63817x752xx74004x30705xx92x58349x5x78f5xx34xxxxx51",

"refresh_token": "628x9x0xx447xx4x421x517x4x474x33x2065x4x1xx523xxxxx6x7x20",

"scope": "email openid profile roles",

"token_type": "Bearer"

}

Step 4: Generate Refresh Token

the token expiration is 3600 seconds, while the refresh token expiration is 24 hours.