App API Access (Client Credentials)

The Client Credentials Grant is used to get App API Access to resources from the API. Client Credentials authenticates your app, not any specific user.

With a token from the Client Credentials Grant you can:

Get generic and statistics information about Hubble (for instance products & sales)

And you cannot:

Request information about a specific user
Request the userinfo information

Example

Step 1: Registration

Make sure that your client is registered and that you have all the necessary information. We need something like the following registered for your app:

Client ID: ABCDEF
Client Secret: ZXYW

Step 2: Scopes

Determine which scopes you need to access the API endpoints. You can find this information on the API documentation pages.

Scopes: example1, example2

Step 3: Request a token

Send a POST request to https://login.starcommunity.app/oauth2/token with the following body (assuming the details from step 1):

POST /oauth2/token HTTP/1.1
Host: login.starcommunity.app
 
grant_type=client_credentials
&client_id=ABCDEF
&client_secret=ZXYW
&scope=example1 example2

You will get a response similar to:

HTTP/1.1 200 OK
Content-Type: application/json
Cache-Control: no-store
 
{
  "access_token":"TOKEN",
  "token_type":"Bearer",
  "expires_in":3600,
  "scopes": [
     "example1",
     "example2"
   ]
}

This indicates that you have indeed received a token TOKEN for the requested scopes. You might also get a token with fewer scopes, if access is denied.

Step 4: Use the token

Perform your requested API call, using the token in the Authorization Header. It might look like this:

GET /example/api HTTP/1.1
Host: api.hubble.cafe
Authorization: Bearer TOKEN

Example​

Step 1: Registration​

Step 2: Scopes​

Step 3: Request a token​

Step 4: Use the token​

Example

Step 1: Registration

Step 2: Scopes

Step 3: Request a token

Step 4: Use the token