Authorization

The open+ API uses Bearer token authorization using the Oauth2 client_credentials flow.

This means that you have to include the Oauth2 Access Token in the Authorization http header like follows:

GET <url> HTTP/1.1
Authorization: Bearer <access_token>

To request a new token, then you need access to the API module tab in the open+ Access Administration under your customer in Configuration.

There you can find your customer Oauth2 client id and client secret.

You then need to make the following request to the open+ Identity Server:

POST https://identity.opnbibliotheca.com/connect/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Content-Length: <length>
Host: <host>

client_id=<your client id>&
client_secret=<your secret>&
grant_type=client_credentials&
scope=OpenPlusAPI

Which will either respond with an error:

{
    "error": "error_message"
}

or a success message with the access token:

{
    "access_token": "access_token",
    "expires_in": 3600,
    "token_type": "Bearer",
    "scope": "OpenPlusAPI"
}