Client credentials flow corresponds to the use case of interacting with your own data with no user interaction. For this flow, HCSS will provide you with 3 pieces of information:
client_secret, and one or more scopes. To get a token, make a form-url-encoded POST to the
/connect/token endpoint of our Identity API. Here is an example in cURL:
curl --request POST --url 'https://api.hcssapps.com/identity/connect/token' --header 'Content-Type: application/x-www-form-urlencoded' --data-urlencode 'grant_type=client_credentials' --data-urlencode 'client_id=YOUR_CLIENT_ID' --data-urlencode 'client_secret=YOUR_CLIENT_SECRET' --data-urlencode 'scope=YOUR_SCOPES'
Note: if you're using windows, you need to replace single quotes ' with double quotes " for the sample to work.
client_secret will be provided by HCSS. The
scope parameter is a space-separated string of scopes that HCSS provides as well. For example, if your application needs read-only data from the Skills API and HeavyJob API, your scope parameter will be
If the request was successful, you will receive an
access_token and can now make an API call!
For a more detailed overview of client credentials flow, check out the docs on auth0.