6.2 Obtaining the Client Secret for the Curl Request - CC

When obtaining an Access Token, it must be defined for which token group the token is valid. The Client Secret must be obtained from apps.hin.ch, unlike the Grant Flow, which must be defined by HIN. The Auth Token is obtained in the same way as in Variant A from apps.hin.ch. The tab only appears after an initial incorrect request is sent, i.e., with an incorrect secret.

Obtaining Access Tokens using Curl

The following Curl request can be used to obtain an Access Token:

curl -H 'Content-Type: application/x-www-form-urlencoded' \
  --data-urlencode "grant_type=client_credentials" \
  --data-urlencode "client_id=<CLIENT ID>" \
  --data-urlencode "client_secret=<SECRET>" \
  https://oauth2.hin.ch/REST/v1/OAuth/GetAccessToken/ACS-Application

Response

{
  "access_token": "<ACCESS TOKEN>",
  "expires_in": 2592000,
  "hin_id": "aakeret",
  "refresh_token": "<REFRESH TOKEN>",
  "token_type": "Bearer"
}

OAuth2 Docs

6.2 Obtaining the Client Secret for the Curl Request - CC

Obtaining Access Tokens using Curl

Response