This flow is used for machine-to-machine communication where the application authenticates itself directly without a user present.
This is the standard flow for backend services.
Method:
POSTEndpoint: Your Token URL (from your client application's metadata).
- Example Token URL for a Client App:
https://ai.egain.cloud/system/auth/TMPRODB88619984-U/oauth2/token
- Example Token URL for a Client App:
Headers:
| Header | Value |
|---|---|
Content-Type | application/x-www-form-urlencoded |
Body Parameters (application/x-www-form-urlencoded):
| Parameter | Relevance | Description |
|---|---|---|
grant_type | Required | Must be set to client_credentials. |
scope | Required | A space-separated list of scopes. You can include any combination of scopes assigned to your client application in a single request. This allows you to generate one multi-purpose token for your entire application, or separate tokens for specific tasks, depending on your architectural needs. |
client_id | Required | The Client ID for your application. |
client_secret | Required | The Client Secret for your application. |
- Example Full Token cURL for a Client App:
curl --location --request POST 'https://ai.egain.cloud/system/auth/TMPRODB88619984-U/oauth2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'scope=knowledge.portalmgr.manage' \
--data-urlencode 'client_id=b4b2c1d9-4c19-4e8a-8e7a-9a0b1c2d3e4f' \
--data-urlencode 'client_secret=hh2Y0UE8FmaFBBawzMUua1OB8Ks4QWHNUyhDyZj1X7c'This flow is a specific implementation of client credentials to get a token for an anonymous customer.
Method:
POSTEndpoint: https://api.ai.egain.cloud/core/authmgr/v3/oauth2/v2.0/anonymous/token?user_type=customer&domain_hint=<TENANT_ID>
- Example Token URL for an Anonymous Customer:
https://api.ai.egain.cloud/core/authmgr/v3/oauth2/v2.0/anonymous/token?user_type=customer&domain_hint=TMPRODB88619984
- Example Token URL for an Anonymous Customer:
Query Parameters:
| Parameter | Relevance | Description |
|---|---|---|
user_type | Required | Must be set to customer. |
domain_hint | Required | Must be set to your environment's tenant id. This is the id that is present in all authorization and access token URLs from your client application's metadata. i.e, TMPRODB88619984 of https://ai.egain.cloud/system/auth/TMPRODB88619984-C/oauth2/token |
Body Parameters (application/x-www-form-urlencoded):
| Parameter | Relevance | Description |
|---|---|---|
grant_type | Required | Must be set to client_credentials. |
client_id | Required | The Client ID for your application. |
client_secret | Required | The Client Secret for your application. |
scope | Required | A space-separated list of application permissions required for anonymous access. For anonymous customer, each scope will need to be prefixed with https://api.ai.egain.cloud/auth/, i.e, https://api.ai.egain.cloud/auth/knowledge.portalmgr.read |
- Example Full Token cURL for an Anonymous Customer
curl --location --request POST 'https://api.ai.egain.cloud/core/authmgr/v3/oauth2/v2.0/anonymous/token?user_type=customer&domain_hint=TMPRODB88619984' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'client_id=************************************' \
--data-urlencode 'client_secret=************************************' \
--data-urlencode 'scope=https://api.ai.egain.cloud/auth/core.aiservices.read https://api.ai.egain.cloud/auth/core.aiservices.manage'Next Steps: