User Session Generation

Follow the instructions below for generating user access_token based on Company access_token

curl -X POST {OAUTH_URL}/v1/oauth/token/create/user 
-H 'Authorization: Bearer 
eyJ0b2tlbkNvbnRlbnQiOnsiaXNzdWVkRm9yIjoiRnJlc2h3b3JrcyIsInNjb3BlIjoiIiwiaXN 
zdWVkQXQiOjE1NTk4MDQ1NTAxMzYsImV4cGlyZXNBdCI6IjIwMTktMDctMDZUMDc6MDI6MzAuMT 
M2WiIsInRva2VuX3R5cGUiOiJDT01QQU5ZIn0sImFfdCI6ImY3ZWM1MWMyYmE0ZGNmNzY2ZWE0Z 
DExMTI3ZjEzZjQzZjAwZmNhN2EifQ==' 
-d '{ 
"user_input":"cs@xoxoday.com", 
"scope":"profile_read,points_read" 
}' 

createUser

POST /v1/oauth/token/create/user

Path Parameters

Name	Type	Description
user_input	string	The authorization header is the bearer company access_token which is obtained by the client.

Headers

Name	Type	Description
Authorization	string	user_input is the email/employee_id of the user registered in the xoxoday scope must be of the values mentioned in the client registration

200 The response given by the Xoxoday server for this request will be of the following format.

{ 
"access_token": 
"eyJ0b2tlbkNvbnRlbnQiOnsiaXNzdWVkRm9yIjoiRnJlc2h3b3JrcyIsInNjb3BlIjoiIiwiaX 
NzdWVkQXQiOjE1NTk4MDQ1Nzg1ODIsImV4cGlyZXNBdCI6IjIwMTktMDYtMjFUMDc6MDI6NTguN 
TgyWiIsInRva2VuX3R5cGUiOiJVU0VSIn0sImFfdCI6ImV5SmxibU1pT2lKQk1USTRRMEpETFVo 
VE1qVTJJaXdpWVd4bklqb2lSVU5FU0MxRlV5SXNJbXRwWkNJNkltVnVZeUlzSW1Wd2F5STZleUp 
yZEhraU9pSkZReUlzSW1OeWRpSTZJbEF0TWpVMklpd2llQ0k2SWpoMmJVTkVRMUZQZW1wQlNHWn 
dabXQ0TVhjNVluZHphM1JhZWtRek0ySXRZamx0VVhSclEyRnhNV3NpTENKNUlqb2lZMGR0V2kxd 
WIySjBWbUptTVdGdVNraDBUMmxoWW5VMFZHUlVhRzVVYmpCYWRuWnJabGMwYzBWb2N5SjlmUS4u 
U1h3TlNUSWhFUXNlN0htaXpPUmFIQS5NRzBVUy1lek1IOEFsbWFLc2ZTY3Nwa2FlYzBIcW9FcUV 
1YXRoNHRSTTRpeVg2dFByX1ZjTnlsdnk5YjlGLTZHR01DbjY1TjYwYnpIUUJtRVZvZGRYVWlvQS 
1kTkpuaE9KdThHczRfeW9pM042VGFOdWh", 
"token_type": "bearer", 
"expires_in": 1296000, 
"refresh_token": "7f86ff4fcca7aad47ad90775426f00fdf7daf194" }