Generate a JWT token

Authentication mechanism

With machine-to-machine (M2M) applications, such as CLIs, daemons, or services running on your back-end, the system authenticates and authorizes the app rather than a user. For this scenario, typical authentication schemes like username + password or social logins don't make sense. Instead, machine-to-machine apps use the Client Credentials Flow (defined in OAuth 2.0 RFC 6749, section 4.4), in which they pass along their Client ID and Client Secret to authenticate themselves and get a token.

  1. Your app authenticates with the Stent Authorization Server using its Client ID and Client Secret (/connect/token endpoint).

  2. The Stent Authorization Server validates the Client ID and Client Secret.

  3. The Stent Authorization Server responds with an Access Token.

  4. Your application can use the Access Token to call the Stent GraphQL API on behalf of itself.

  5. The GraphQL API responds with requested data.

Generate a JWT token

The HTTP request below allows you to generate a valid JWT authentication token that you can use to access schema and data of the GraphQL API.

JWT token is valid 30 days after being issued

Get your credentials

Grab your Client ID and Client Secret from the Setting > API section of your workspace.

post
Generate a JWT token

https://auth.stent.io/connect/token
Make sur to replace values of client_id and client_secret parameters with your own credentials
Request
Response
Request
Headers
Content-Type
required
string
application/x-www-form-urlencoded
Body Parameters
grant_type
required
string
client_credentials
response_type
required
string
token
client_id
required
string
Your Client ID
client_secret
required
string
Your Client Secret
Response
200: OK
{
"token_type": "Bearer",
"access_token": "<Your JWT access token>",
"expires_in": 2592000
}

‚Äč

Curl command

curl --request POST 'https://auth.stent.io/connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'response_type=token' \
--data-urlencode 'client_id=<Your Client ID>' \
--data-urlencode 'client_secret=<Your Client Secret>'