Access Tokens

You will need to have been Onboarded before you can create access tokens.

Using the PowerEPOS AuthServer and the OAuth2 Token endpoint at /authorisation/token, make a client_credentials grant request with the org_id parameter set to the Organisation Code that the end user has provided you.

This token will be scoped to ROS itself. It cannot be used for accessing organisation sales/configuration. To access that information you will need to configure a service account with the organisation, which is outside the scope of this document.

The token will be valid for a duration defined here

Example Token Request

ROS Scoped Token

HTTP POST https://auth.powerepos.cloud/authorisation/token
Content-Type: application/x-www-form-urlencoded

grant_type=client_credentials&
client_id=<Your ClientID>&
client_secret=<Your ClientSecret>&
org_id=<Organisation Code that you want a ROS token for>&
scope=ros offline_access

JSON Encoded Response:

{
    "token_type": "Bearer",
    "access_token": "ey...3Y",
    "expires_in": 28800,
    "refresh_token": "abc",
    "svc": "https://example.service.uri/",
    "org_id": "<Organisation Code that you requested the token for>"
}

Discovering ROS host

All of the URIs listed in these documents will be host independent. The production environment ROS host is subject to change and varies between outlets, so the correct service URI will need to be decoded from the response each time.

The JSON Encoded Response to the token request will have a property called "svc" which will contain the service URI that you must use for any requests.

Alternatively, the access_token will be a JSON Web Token with custom claims (in the payload) that are defined at AuthServerClaims. AuthServerClaims.Service will hold the ROS URI that THIS particular token is to be used with. This can be subject to change so ensure it's always decoded.
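
One way to resolve the ROS host from a token response, shown as an added example that is not PowerEPOS's own code: it reads "svc", falls back to the JWT payload claim, and refuses a non-HTTPS host because the bearer token will be sent there. The claim name, the org code, the function names and the sample response are assumptions constructed for illustration.

```python
import base64
import json
from urllib.parse import urljoin, urlsplit

# Hypothetical claim name: the page only points at AuthServerClaims.Service,
# so substitute the real claim name from that definition.
SERVICE_CLAIM = "service-claim-placeholder"


def jwt_payload(token: str) -> dict:
    """Decode the JWT payload without verifying the signature; use it only
    to find the host for a token received directly from the AuthServer."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("access_token is not a three-part JWT")
    segment = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    return json.loads(base64.urlsafe_b64decode(segment))


def resolve_service_uri(token_response: dict, claim: str = SERVICE_CLAIM) -> str:
    """Return the ROS base URI from "svc", falling back to the JWT claim."""
    uri = token_response.get("svc")
    if not uri:
        uri = jwt_payload(token_response["access_token"]).get(claim)
    if not uri:
        raise ValueError("no service URI in response or token")
    parts = urlsplit(uri)
    # The bearer token is sent to this host, so refuse anything but HTTPS.
    if parts.scheme != "https" or not parts.hostname:
        raise ValueError(f"refusing non-HTTPS service URI: {uri!r}")
    return uri if uri.endswith("/") else uri + "/"


def ros_url(service_uri: str, path: str) -> str:
    """Join a host-independent path from the docs onto the discovered host."""
    return urljoin(service_uri, path.lstrip("/"))


def _b64url(obj: dict) -> str:
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()


# Constructed sample response (not real PowerEPOS output); dummy signature.
SAMPLE_JWT = ".".join([_b64url({"alg": "RS256"}),
                       _b64url({SERVICE_CLAIM: "https://example.service.uri/"}), "sig"])
SAMPLE_RESPONSE = {"token_type": "Bearer", "access_token": SAMPLE_JWT,
                   "expires_in": 28800, "org_id": "ORG-PLACEHOLDER",
                   "svc": "https://example.service.uri/"}
```

Call resolve_service_uri on every new token response rather than caching the host, then pass the result to ros_url with the documented path.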