Authorization

Client Authorization
Make sure to have signed up for an account so you are able to get access credentials for your application and deploy your first pool.
Broken link
Broken link
1. Create an Application
When you have access THX Dashboard you will be able to register an application. This application will hold you client credentials. With these credentials you are able to create a Basic Authentication header, which should be passed in the request to obtain your API Access Token.
Two grant types exist that you can register a client for.
1. Client Credentials Grant
This grant is meant for backend to API data exchange and allows for most API interactions except user account information.
2. Authorization Code Grant
This grant is meant for browser to API data exchange and allows for retrieving user account information since the access token is obtained after user authentication.
Example of a client_credentials grant.
CLIENT_ID=_lntZMrYTLdoc_Eqxd1mZ
CLIENT_SECRET=3LlIsWk5Ef2DU_OOERbLqrXEhtMru8hxuMZ7fo8WD8E5aJAXDVLppdkoMMgxcPbktzlgps5fe_SyjQH8CWv6XQCopy
Never use the client credentials grant in applications that run in the browser. 
Bad actors can easily intercept your requests and extract your access token or client credentials from the header information.
2. Create a Basic Authentication header
This is an example of how to create a base64 encoded Basic Authorization header.
const h = 'Basic ' + new Buffer(`${CLIENT_ID}:${CLIENT_SECRET}`).toString('base64');
3. Request an API Access Token
Provide the Basic Authorization header and the correct Content-Type in your request to obtain your API access token.
Request:
axios({
    url: 'https://auth.thx.network/token',
    method: 'POST',
    headers: {
        'Content-Type': 'application/x-www-form-urlencoded',
        'Authorization': 'Basic ' + new Buffer(`${CLIENT_ID}:${CLIENT_SECRET}`).toString('base64'),
    },
    data: {
        grant_type: 'client_credentials',
        scope: 'openid admin',
    }
});
Response:
{
    "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6ImtNV0FGWDdIenh2ek52R3JXNkpQZUJhUXdvY21LRzZnSUNzWUd1dUMtTjQifQ.eyJqdGkiOiJ6WW5vTjI0VUZ1Z1NRRDNfRVp0OVciLCJpYXQiOjE2MTQ2NzYyNjIsImV4cCI6MTYxNDY3Njg2Miwic2NvcGUiOiJvcGVuaWQgYWRtaW4iLCJpc3MiOiJodHRwOi8vbG9jYWxob3N0OjMwMDAiLCJhdWQiOiJfbG50Wk1yWVRMZG9jX0VxeGQxbVoifQ.FubTCity_twCn2vrSKrzTyRscWNxEh4iV62i_yFHMTNOXkX5tX1ZH4syDqd7jEWfGP8Rzcc4DoIqDu-5IZQ6Pyrf-78LxRmfy_h0eNml7x-0X18lo6by20dfR9u7I2vdkb9c8YyNkFpK_ywJJwufoEfOhm1PPRCUcjAV1MX_nLbK4kgAp1NIeYqDENyb7LM3taC1HLdrzRYZhekD1W48895SJWSW12Ljm_seDXRQa1e_5neIjmC22JT98q26fPBRRxi1ZUyj0qks68grlD1k4hadosODwqQjFMTupg5KCqVt5T4WzrboY-jdgl-hURS3W3W8sHRyUWA0mB6M3LH7Rg",
    "expires_in": 600,
    "token_type": "Bearer",
    "scope": "openid admin"
}
​
Last modified 1yr ago