OAuth Workflow

To authenticate API calls, developers are required to use Access Token using the OAuth 2 standard.

Needed data for OAuth 2:
1. Client_ID
2. Client_Secret

Workflow

OAuth Workflow

Note: All OAuth requests must occur server-side to protect client_ID and client_secret.

Code Examples:

Curl Example:

curl -i http://api.iris.tv/oauth/access_token
-F grant_type=none
-F client_id= iris_client_test
-F client_secret= client_test_secret
-F scope=iris_tv

PHP Example:

<?php
function generateAccessToken(){
$url = 'http://api.iris.tv/oauth/access_token';
$client_id = 'iris_client_test';
$client_secret = 'test_secret';
$data = array('grant_type' => 'none', 'client_id' => $client_id,
'client_secret' => $client_secret,
'scope' => 'iris_tv');

// use key 'http' even if you send the request to https://...
$options = array(
'http' => array(
'header' => "Content-type: application/x-www-form-urlencoded\r\n",
'method' => 'POST',
'content' => http_build_query($data),
),
);
$context = stream_context_create($options);
$result = json_decode(file_get_contents($url, false, $context));

echo ("'" . $result->access_token . "'");
}
?>

Token Creation

To ensure tokens stay fresh, client should frequently create new tokens use for API calls.