OAuth - v1

Business Overview

Overview

The OAuth - v1 API provides a secure and standardized way to retrieve access tokens using various OAuth 2.0 authorization flows, including Authorization Code, Resource Owner Password, and Client Credentials. This API is essential for enabling secure access to protected resources by ensuring that only authenticated and authorized users or applications can obtain access tokens.

All Van Marcke APIs are protected via OAuth 2.0. This means that before calling any of our APIs, a valid access token must first be obtained through this OAuth - v1 API.

Key Business Benefits

  • Enhanced Security: Utilizes standard OAuth 2.0 flows to ensure secure access to services and APIs, reducing the risk of unauthorized access.

  • Centralized Authentication: Simplifies access control by managing authentication logic in one place.

  • Flexible Grant Support: Supports multiple OAuth flows, enabling integration with different client types (web apps, mobile apps, machine-to-machine).

  • Improved User Experience: Enables smooth user authentication and authorization redirections with minimal friction.

  • Token Lifecycle Management: Provides endpoints to obtain, refresh, and verify tokens, ensuring secure and up-to-date access credentials.


Developer Documentation

Developer Portal URL: https://developer.vanmarcke.com/product/authentication/api/oauth-v1
API Proxy Base URL: https://api.vanmarcke.com:443/v1/oauth

Core Endpoints Overview:

  • Authorize
    Endpoint: GET /authorize
    Description: Initiates the OAuth flow by interacting with the resource owner to obtain an authorization code. Typically used in the Authorization Code flow.

  • Token Exchange
    Endpoint: POST /token
    Description: Exchanges an authorization code or other grant type (like client credentials or refresh token) for an access token and optionally an ID token and refresh token.

  • Token Keys
    Endpoint: GET /token_keys
    Description: Retrieves the public keys used to verify the signatures of JWTs issued by the authorization server.

  • User Info
    Endpoint: GET /userinfo
    Description: Retrieves user claims based on the access token provided. Useful in OpenID Connect flows to gather authenticated user information.

Authentication:

  • Basic Authentication (used when exchanging a grant for a token via /token)

  • Bearer Token (JWT format, used for authenticated requests like /userinfo)
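
The two authentication schemes above, mapped onto the /token and /userinfo endpoints, as an added example that is not part of the original documentation. It builds the requests without sending them; the Basic header encoding follows RFC 6749 section 2.3.1, the form parameter names are the standard RFC 6749 ones and are assumed to apply to this API, and the client id, secret and sample response are constructed.

```python
import base64
import json
import urllib.parse
import urllib.request

BASE_URL = "https://api.vanmarcke.com:443/v1/oauth"  # API Proxy Base URL from this page


def basic_auth_header(client_id, client_secret):
    """RFC 6749 sec. 2.3.1: form-urlencode each part, join with ':', base64."""
    quoted = [urllib.parse.quote_plus(p) for p in (client_id, client_secret)]
    return "Basic " + base64.b64encode(":".join(quoted).encode()).decode("ascii")


def build_token_request(client_id, client_secret, grant_type, **params):
    """POST /token; the secret travels only in the Authorization header."""
    form = {"grant_type": grant_type, **params}
    return urllib.request.Request(
        BASE_URL + "/token",
        data=urllib.parse.urlencode(form).encode("ascii"),
        headers={
            "Authorization": basic_auth_header(client_id, client_secret),
            "Content-Type": "application/x-www-form-urlencoded",
        },
        method="POST",
    )


def parse_token_response(body):
    """Return the access token, rejecting anything not usable as Bearer."""
    doc = json.loads(body)
    if str(doc.get("token_type", "")).lower() != "bearer" or not doc.get("access_token"):
        raise ValueError("token response is not a Bearer access token")
    return doc["access_token"]


def build_userinfo_request(access_token):
    """GET /userinfo with the Bearer token (user flows, e.g. Authorization Code)."""
    return urllib.request.Request(
        BASE_URL + "/userinfo",
        headers={"Authorization": "Bearer " + access_token},
        method="GET",
    )


if __name__ == "__main__":
    # Constructed credentials; nothing is sent over the network.
    req = build_token_request("example-client", "s3cr:t+/", "client_credentials")
    print(req.get_method(), req.full_url, req.data)
```

Pass a built request to `urllib.request.urlopen` to send it. Keeping the client secret in the Authorization header rather than the form body or URL keeps it out of request-body and access logs.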
