...
| Grant type | Description | Guidelines |
|---|---|---|
password | Authenticate using a username and password. | |
| device_code | Authenticate a device using a secondary device. | Device Authorization Grant |
| refresh_token | Renew an active session using a refresh token. | |
| third_party_token_exchange | Authenticate using a token from a third-party authentication service. | Third-party token exchange grant |
| stb_pwless | Authenticate a previously provisioned device using a public-key certificate. | STB passwordless auth grant |
Using the access token
Once you have obtained the access token, you can use the service by providing the access token in the Authorization header in every request to an API that requires authorization:
...
Access tokens cannot be revoked, but they will expire after a while. When a session is ended, any remaining unexpired access tokens should simply be discarded.
The examples for performing the call for revoking the refresh tokens can be found in the Postman collection below.
Postman collection for user preferences
View file name UserPreferencesV2.zip height 250