From 3f77b49a413053f0f89e5ad226fec27f4e32ebad Mon Sep 17 00:00:00 2001 From: mffap Date: Wed, 29 May 2024 11:14:27 +0200 Subject: [PATCH] docs(service users): improve client id and client secret docs (#7990) # Which Problems Are Solved - Misaligned heading - Curl with auth header is hard to understand without the link # How the Problems Are Solved Instead of explaining how to create a proper encoding, just use --user flag for client_id and client_secret --- .../guides/integrate/service-users/client-credentials.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/docs/docs/guides/integrate/service-users/client-credentials.md b/docs/docs/guides/integrate/service-users/client-credentials.md index 8d2caf6e83..7924f2b6ae 100644 --- a/docs/docs/guides/integrate/service-users/client-credentials.md +++ b/docs/docs/guides/integrate/service-users/client-credentials.md @@ -26,7 +26,7 @@ If you lose it, you will have to generate a new one. ![Create new service user](/img/console_serviceusers_secret.gif) -## 2. Authenticating a service user and request a token +### 2. Authenticating a service user and request a token In this step, we will authenticate a service user and receive an access_token to use against the ZITADEL API. @@ -36,13 +36,15 @@ You will need to craft a POST request to ZITADEL's token endpoint: curl --request POST \ --url https://$CUSTOM-DOMAIN/oauth/v2/token \ --header 'Content-Type: application/x-www-form-urlencoded' \ - --header 'Authorization: Basic ${BASIC_AUTH}' \ --data grant_type=client_credentials \ - --data scope='openid profile' + --data scope='openid profile' \ + --user "$CLIENT_ID:$CLIENT_SECRET" ``` +* `CUSTOM_DOMAIN` should be set to your [custom domain](/docs/concepts/features/custom-domain) * `grant_type` should be set to `client_credentials` * `scope` should contain any [Scopes](/apis/openidoauth/scopes) you want to include, but must include `openid`. For this example, please include `profile` +* `CLIENT_ID` and `CLIENT_SECRET` should be set with the values shown in Console when generating a new secret to enable [basic authentication](/docs/apis/openidoauth/authn-methods) If you want to access ZITADEL APIs, make sure to include the required scopes `urn:zitadel:iam:org:project:id:zitadel:aud`. Read our guide [how to access ZITADEL APIs](../zitadel-apis/access-zitadel-apis) to learn more.