Client Credentials
Client Credentials is suitable for machine to machine (M2M) authorization.
To complete the authentication process, the client must authorize itself to Gojek OAuth2 server using client credentials. Client credentials contains two parameters client_id and client_secret. This identification of the client is done through client credentials issued by Gojek.
The steps to access protected resources/APIs on GoBiz are given below.
- Get token from token endpoint.
- Use Access Token to access GoBiz API.
Get Token from Token Endpoint
You need to send a request to GoBiz to acquire the access token.
Endpoint = OAUTH_URL/oauth2/token
Header Parameters
| Parameter | Description | Type | Required | Example |
|---|---|---|---|---|
client_id | Unique identifier issued to the client by Gojek. | String | Required | abc |
client_secret | Secret issued to client by Gojek. | String | Required | my_secret |
grant_type | Method to gain the access token. It must be client_credentials. | String | Required | client_credentials |
scope | Scope of access to be associated with the resulting access token. | String | Required | partner:outlet:write |
- If access level is not provided, no scope is granted to the token.
- Refer OAuth 2.0: Section 2.3.1 - Client Password for more information on client credentials.
The available scopes are described in the table given below.
| Scope | Scope Description |
|---|---|
partner:outlet:read | To read outlet data. |
partner:outlet:write | To edit or update outlet data. |
gofood:catalog:read | To read GoFood menu. |
gofood:catalog:write | To modify GoFood menu. |
gofood:order:read | To read GoFood order data. |
gofood:order:write | To mark an order is ready. |
promo:food_promo:read | To retrieve GoFood promotions. |
promo:food_promo:write | To modify GoFood promotions. |
payment:transaction:read | To read payment transaction. |
payment:transaction:write | To modify payment transaction. |
payment:pop:read | To read payment PoP data. |
mokapos:library:read | To read mokapos libray data. |
mokapos:transaction:read | To read mokapos transaction data. |
mokapos:reporting:read | To read mokapos reporting data. |
mokapos:customer:read | To read mokapos libray data. |
mokapos:checkout:write | To update mokapos checkout data. |
mokapos:salestype:read | To read mokapos sales type data. |
Response Parameters
| Parameter | Description | Type |
|---|---|---|
access_token | A token that can be used to access the GoBiz API. | String |
expires_in | Approximate remaining lifetime of the token in seconds. | Integer |
token_type | Type of the token returned. Value: Bearer. | String |
scope | Scope granted to the token. | String |
Sample Request
curl -X POST https://integration-goauth.gojekapi.com/oauth2/token \
-u "my_client_id:my_client_secret" \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=client_credentials" \
-d "scope=partner:outlet:read"
Sample Response
{
"access_token": "this_is_the_access_token",
"expires_in": 3600,
"token_type": "Bearer",
"scope": "partner:outlet:read"
}
- Any fields not understood by the client should be ignored.
- It is the responsibility of the client to trigger the above described flow to get a new access token just before
expires_inwindow ends or when a401 - Unauthorizedis received from the resource server. :::
Use Access Token to Access GoBiz API
Access token received in the Get Token from Token Endpoint step can be used to access GoBiz APIs by sending the token in the Authorization header.
For Authorization header example, see Get All Outlets API.
Identify API accessible with Client Credential access token
To identify which API that's accessible with Client Credential access token, you can check on the API page and find if it contains go_auth_client_credentials information.
go_auth_client_credentials(partner:outlet:read) means the API is accessible using Client Credentials access token and partner:outlet:read scope.
:::
Prerequisite access outlet-specific API
The majority of outlet-specific APIs can be accessed using a client credential access token. To do so, it is necessary to complete the outlet linking process. See Link Outlet by Merchant ID for details.