Instead of obtaining an access token through the OAuth 2.0 flow, you can call the Authcore API using a signed JWT directly as a bearer token. This avoids making a network request before each API call. To do so:
1. Generate an EC private key, of size 256, and output it to a file named key.pem:
Update the Authcore config file: set service_account_public_key to the public key and service_account_id to the ID of the user that acts as a service account.
4. Using any standard JWT library, such as one found at jwt.io, create a JWT with the ES256 algorithm and a payload like the following example:

```json
{
  "iss": "serviceaccount:<service_account_id>",
  "sub": "serviceaccount:<service_account_id>",
  "iat": 1511900000,
  "exp": 1511903600
}
```
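Sign the JWT with prime256v1 using the above private key.

For example (JavaScript):

```javascript
var fs = require('fs')
var jwt = require('jsonwebtoken')
// Private key generated in step 1
var privateKeyPEM = fs.readFileSync('key.pem')
var opts = {
  algorithm: "ES256",
  issuer: "serviceaccount:server",   // iss claim
  subject: "serviceaccount:server",  // sub claim
  expiresIn: 60                      // seconds; sets exp relative to iat
}
// Empty custom payload; the library adds iat automatically
var token = jwt.sign({}, privateKeyPEM, opts)
```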
5. Call the API, using the signed JWT as the bearer token:
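
The token from steps 4 and 5, built and checked end to end with only Node's built-in crypto module, as an added example (not Authcore's own code). The key pair is generated in-process instead of being read from key.pem, `verifyServiceAccountJwt` is an illustrative receiver-side check rather than Authcore's implementation, and all function names are hypothetical.

```javascript
const crypto = require('crypto');

const b64url = (v) => Buffer.from(v).toString('base64url');

// Constructed key pair for the demo; in the procedure above the private key is key.pem.
function newKeyPair() {
  return crypto.generateKeyPairSync('ec', { namedCurve: 'prime256v1' });
}

// Build and sign the token. serviceAccountId, ttlSeconds and now are assumed parameters.
function signServiceAccountJwt(privateKey, serviceAccountId, ttlSeconds, now) {
  const iat = now ?? Math.floor(Date.now() / 1000);
  const id = `serviceaccount:${serviceAccountId}`;
  const header = b64url(JSON.stringify({ alg: 'ES256', typ: 'JWT' }));
  const payload = b64url(JSON.stringify({ iss: id, sub: id, iat, exp: iat + ttlSeconds }));
  const input = `${header}.${payload}`;
  // ES256 signatures are raw R||S (64 bytes), not the DER form crypto emits by default.
  const sig = crypto.sign('sha256', Buffer.from(input),
    { key: privateKey, dsaEncoding: 'ieee-p1363' });
  return `${input}.${sig.toString('base64url')}`;
}

// Illustrative receiver-side checks: pinned algorithm, signature, iss/sub, expiry.
function verifyServiceAccountJwt(token, publicKey, serviceAccountId, now) {
  const parts = token.split('.');
  if (parts.length !== 3) return null;
  const [h, p, s] = parts;
  let header, claims;
  try {
    header = JSON.parse(Buffer.from(h, 'base64url'));
    claims = JSON.parse(Buffer.from(p, 'base64url'));
  } catch { return null; }
  if (header.alg !== 'ES256') return null; // pin the algorithm; reject "none" and HS256
  const ok = crypto.verify('sha256', Buffer.from(`${h}.${p}`),
    { key: publicKey, dsaEncoding: 'ieee-p1363' }, Buffer.from(s, 'base64url'));
  const id = `serviceaccount:${serviceAccountId}`;
  const t = now ?? Math.floor(Date.now() / 1000);
  if (!ok || claims.iss !== id || claims.sub !== id) return null;
  if (typeof claims.exp !== 'number' || claims.exp <= t) return null;
  return claims;
}

// Header sent with the API call in step 5.
const bearerHeader = (token) => ({ Authorization: `Bearer ${token}` });
```

Keep the lifetime short, as in the 60-second example above: a self-signed token cannot be revoked individually, so a leaked one stays valid until `exp` or until the configured public key is rotated.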