Obtaining OAUTH service account (version 2)

Options

So I'm going to implement a websocket client to contribute to a websocket client. The first thing I need to do is to obtain an access token.

So the first problem I get at the moment is that I'm receiving a 401 Access Denied on my machine account. So I ask this as content to my request

Endpoint: "https://api.refinitiv.com/auth/oauth2/v2/token"

"grant_type", "client_credentials"
"client_id", "03c655656802455b8xxxxxxxxxxxxxxxx" <- My newly added App Key from here: https://emea1-apps.platform.refinitiv.com/apps/appkeygenerator?srv=PLNP-ERPA01
"client_secret", "{APISECRET}" <- the password for my machine account

1. Can somebody tell me what I'm doing wrong in the client_id and/or client_secret.

2. When I get the token I need to subscribe to a channel, I dont know which topic and how. I found this page but is there an official page where I can maybe figure out what I should subscibe to?


Best Answer

  • raksina.samasiri
    Answer ✓

    Hi @kala ,

    Thank you so much for the article feedback, it'll be applied to the article soon.

    And sorry for the confusion, the version 2 authentication can be used with the credentials for version 2 only and the credential you're using is for version 1.

    As checked with my team, version 2 of WebSocket isn't released and ready to be used yet. In the meantime, please use the version 1 instead and I'll keep you updated when the version 2 authentication for websocket is ready.

Answers

  • kala
    kala Newcomer

    It is referring to version 1 I can obtain a bearer token for version 1.

    from the articles source version 1 - https://api.refinitiv.com:443/auth/oauth2/v1/token

  • kala
    kala Newcomer

    Hi,

    Thank you for your link, yes I've been looking the article thru. I find it extremely hard to understand how the input parameters should be identified, by the information I received from Refinitiv. I got no problem obtaining the version 1 access token.

    Furthermore the endpoint is wrong in the article it should be https://

    API URL endpoint: http://api.refinitiv.com/auth/oauth2/v2/token (please be noticed the v2 API version)

    if we go thru the parameters

    • grant_type: The grant_type parameter must be set to client_credentials. <- this makes sense
    • client_id: The client_id is a public identifier for apps. <- What does this mean?
    • client_secret: The client_secret is a secret known only to the application and the authorization server. It is essential to have the application’s password associated with the client ID. <- is that the password received from refinitiv?
    • scope (optional): Limits the scope of the generated token so that the Access token is valid only for a specific data set <- Please write which kind of options I got here, come up with an example.

    So I got these two parameters from Refinitiv,

    Machine account 1: {MachineAccountPassword1}
    Password 1: {Password1}

    Created an application:

    AppKey (Created application): {ApplicationKeyId}

    So what do i type into client_id, client_secret and scope. It should be better explained.

    grant_type: client_credentials

    client_id: ???

    client_secret: ???

    scope: ???

  • kala
    kala Newcomer

    OK thank you for the clarification, I can obtain the bearer token. Can you point me to a place where I can find the documentation for WebSocket version 1? I can find a lot of endpoints for each region but I don't know what is current and which channels?

  • Hello @kala

    I highly recommend the following resources for version 1 authentication:

    About the endpoints, there is a document in Chapter 3 of the Refinitiv Real-Time - Optimized Install and Config Guide document.

    • Note: WebSocket endpoints port is 443, the endpoints with port 14002 are for RTSDK only,