Using scripted access to OAuth clients#

To authenticate script users using OAuth, the OAuth client must support client credentials flow.

The script should first fetch an access token from the Argus OAuth Token endpoint

curl -XPOST -H"Argus-API-Key: my/api/key" -d client_id=04d45a6b-05a1-4bed-8181-5c5d46d4f64e -d grant_type=client_credentials

Argus will respond with an access token:


The script should then use this token as an Authorization:Bearer header towards the client application:

curl -XPOST -H"Authorization:Bearer myUserName/ckEgvr23mT8PfPMPddVY7wYuuE6t6YmKLKr7tu3pV8ajvbGHzuJ9crvwoPFUBj9o" https://my.application/dosomething

The client application may invoke the Argus token endpoint to verify the token, or invoke any permitted Argus endpoint using this bearer token.

curl -XGET -H"X-Forwarded-For:" -H"Authorization:Bearer myUserName/ckEgvr23mT8PfPMPddVY7wYuuE6t6YmKLKr7tu3pV8ajvbGHzuJ9crvwoPFUBj9o"


The client MUST forward the user agents origin IP using the X-Forwarded-For header, as Argus will verify that this IP corresponds with the IP used to initiate the session.