Overview

This page demonstrates the retrieval of an OAuth 2.0 Access Token which can be used by a CyberSource partner (client application - see below) to access CyberSource ON BEHALF OF a CyberSource merchant (Resource Owner - see below).

OAuth 2.0 Clients

In OAuth 2.0 nomenclature a CyberSource partner application (e.g. shopping cart, analytics application, invoicing solution, etc.) is referred to as a Client Application.

OAuth 2.0 Resource Owners

In the CyberSource ecosystem, the Resource Owners are merchants. The client applications use the CyberSource OAuth 2.0 flow to transact with the merchant resources via our APIs. E.g. retrieve merchant subscriptions data.

Step 1:

Connect with the CyberSource OAuth 2.0 Authorization endpoint (see source behind button above).

Step 2:

Use the Authorization Code returned from Step 1 to retrieve an Access Token (and Refresh Token) from our /token RESTful endpoint.

POST : https://api-ma.cybersource.com/oauth2/v3/token

Content-Type: application/x-www-form-urlencoded v-c-client-correlation-id: 123456789

grant_type=authorization_code&code=sg#thsu67&client_id=o2client

Step 3:

Use the Access Code from Step 2 to access the CyberSource API (TBD)

Sample Request

Authorization: Bearer eyJraWQiOiIyNmRjfjVkZTdlMmYwYTI0ODg0MjU1YjIwZWJjMGY0MSIsImFs curl -X POST -H "Authorization: Bearer ACCESS_TOKEN""https:// api.cybersource.com/pts/v2/payments"