Authorization Code Grant type

We have a log-collector application that needs to collect logs from the IDN using the search query for the last 5 minutes of events. The application supports OAuth 2.0 and OIDC.
We got to know from the app team that they recommend using the authorization grant type for the SailPoint IDN REST API client authentication.

From the documentation, below are the findings:

  1. An auth token with grant type authorization code is generated for users. So in order to generate this, the token must be associated with a user (with relevant access level), unlike the client credential grant type tokens.
  2. We need to have a redirect URL of the target application to which the access token needs to be returned.
  3. The authorization grant type flow contains a GET request to the SailPoint endpoint /oauth/authorize for getting the authorization code and then a POST request to the endpoint /oauth/token for getting the access token.

Please let me know if the above are the only requirements for the authorization grant type. Also feel free to correct me if anything is missing or incorrect.

Hi Anu,

This is typical app-to-app communication and works with the OAuth 2.0 client credential grant type. As you mentioned, the authorization grant type requires user interaction for authentication to obtain an access token. We recommend using the Client Credentials grant type. Our organization uses the same to collect logs from our SailPoint IDN tenant. Please let me know if this helps.
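
The two flows discussed in this thread, side by side, as an added example that is not part of either post and is not SailPoint's own code. It only builds the requests (nothing is sent); the host, client values and callback are constructed placeholders, the parameter names are the standard OAuth 2.0 ones from RFC 6749, and sending the client credentials in the form body is an assumption about what the tenant accepts.

```python
from urllib.parse import urlencode, urlparse, parse_qs
import hmac

# Placeholder host (assumption): substitute the tenant's real API base URL.
BASE = "https://tenant.example.invalid"

def authorize_url(client_id, redirect_uri, state):
    """Authorization code flow, step 1: the GET a user's browser sends."""
    query = urlencode({"response_type": "code", "client_id": client_id,
                       "redirect_uri": redirect_uri, "state": state})
    return f"{BASE}/oauth/authorize?{query}"

def code_from_callback(callback_url, expected_state):
    """Pull the code out of the redirect; refuse a callback whose state differs."""
    params = parse_qs(urlparse(callback_url).query)
    state = params.get("state", [""])[0]
    if not hmac.compare_digest(state.encode(), expected_state.encode()):
        raise ValueError("state mismatch: callback not tied to this login")
    if "code" not in params:
        raise ValueError("callback carries no authorization code")
    return params["code"][0]

def token_request(grant_type, client_id, client_secret, code=None, redirect_uri=None):
    """Form body for the POST to /oauth/token, for either grant type."""
    body = {"grant_type": grant_type, "client_id": client_id,
            "client_secret": client_secret}
    if grant_type == "authorization_code":
        if not (code and redirect_uri):
            raise ValueError("authorization_code needs code and redirect_uri")
        body.update(code=code, redirect_uri=redirect_uri)
    elif grant_type != "client_credentials":
        raise ValueError(f"unsupported grant type: {grant_type}")
    return f"{BASE}/oauth/token", body

if __name__ == "__main__":
    # Constructed sample values, not real credentials.
    redirect = "https://collector.example.invalid/callback"
    print(authorize_url("demo-client", redirect, "s3ss10n"))
    code = code_from_callback(redirect + "?code=abc123&state=s3ss10n", "s3ss10n")
    print(token_request("authorization_code", "demo-client", "demo-secret", code, redirect))
    # The unattended collector needs only this one request, with no user or redirect.
    print(token_request("client_credentials", "demo-client", "demo-secret"))
```
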
