Requesting Access
Requesting Service Access Token
This section describes which value(s) need to be specified in the service access token request.
- In the request URL:
  - subjectID: ID of the local requester, which was provided by the Nuts node when the subject and its DIDs were created.
- In the request body:
  - authorization_server_url: the OAuth2 issuer URL of the party that grants access, found in its DID document.
  - scope: specifies what resources the access token will give access to. This is specified by the use case.
  - credentials (optional): one or more credentials to provide to the authorization server that are not in the requester's wallet. This is typically used to provide an EmployeeCredential to the authorization server. See the section below for how to provide this.
  - token_type (optional): by default, tokens are of type DPoP, which mitigates token theft. Alternatively, the Bearer token type can be specified, but you'll be more vulnerable to MITM attacks.
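One way to assemble and sanity-check this request before sending it, added here as an example and not taken from the Nuts documentation or code base. The endpoint path template, the function names and the sample values are assumptions; the field names and the two token types are the ones listed above.

```python
import json
from urllib.parse import quote, urlsplit

# Assumption: path template of the node's internal API; verify against your node's API spec.
ENDPOINT_TEMPLATE = "/internal/auth/v2/{subject_id}/request-service-access-token"
TOKEN_TYPES = ("DPoP", "Bearer")  # the two token types named in this section


def build_token_request(subject_id, authorization_server_url, scope,
                        credentials=None, token_type=None):
    """Return (path, json_body) for a service access token request."""
    if not subject_id:
        raise ValueError("subjectID is required")
    parts = urlsplit(authorization_server_url)
    # The issuer URL is read from a DID document; refuse anything that is not HTTPS.
    if parts.scheme != "https" or not parts.netloc:
        raise ValueError("authorization_server_url must be an https URL")
    if not scope or not scope.strip():
        raise ValueError("scope is required")
    body = {"authorization_server_url": authorization_server_url, "scope": scope}
    if credentials:  # optional: only sent when extra credentials are supplied
        body["credentials"] = list(credentials)
    if token_type is not None:  # optional: omitted means the DPoP default applies
        if token_type not in TOKEN_TYPES:
            raise ValueError("token_type must be one of %s" % (TOKEN_TYPES,))
        body["token_type"] = token_type
    # Percent-encode the subject so it cannot alter the request path.
    path = ENDPOINT_TEMPLATE.format(subject_id=quote(subject_id, safe=""))
    return path, json.dumps(body, sort_keys=True)


def uses_bearer(json_body):
    """True when a request opts out of the DPoP default (worth flagging in review)."""
    return json.loads(json_body).get("token_type") == "Bearer"


if __name__ == "__main__":
    # Constructed sample values, not taken from a real deployment.
    path, body = build_token_request(
        "example-subject", "https://as.example.com/oauth2/example", "example-scope")
    print("POST", path)
    print(body)
```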
Providing extra credentials
The service access token request allows you to supply additional