I am using http://jsonapi.org as a the format for the responses of my api. I am however a little puzzled how to correctly respond to a request for an access token.
As far as I am aware, from the oAuth side I need to return the following:
{
"access_token": "abc1234...",
"token_type": "Bearer",
"expires_in": 3600
}
From the jsonapi docs I got that every request needs to return a resource object. And every resource object needs a data element with type and id.
However I feel this is not correct for the oAuth token request. Please help me how to do this correctly. Thanks.
I asked in the jsonapi forum and tyler kellen provided a very good answer (http://discuss.jsonapi.org/t/json-api-response-format-for-non-resource-data-like-oauth-token/74). I settled for this now:
{
"jsonapi": {
"version": "1.0"
},
"data": {
"id": "Qcg6yI1a5qCxXgKWtSAbZ2MIHFChHAq0Vc1Lo4TX",
"type": "token",
"attributes": {
"access_token": "Qcg6yI1a5qCxXgKWtSAbZ2MIHFChHAq0Vc1Lo4TX",
"token_type": "Bearer",
"expires_in": 3600
}
}
}