Link Search Menu Expand Document (external link)

Obtaining an Access Token


Steps in acquiring an access token :

  • Step 1: Register an AAD Application in the Azure portal
  • Step 2: Register the AAD Application’s Client Id in the RCL Portal
  • Step 3: Make a POST request to the AAD Application-specific token endpoint to obtain a token

Registering an AAD Application

To register an AAD application, please follow the instruction in this link :

Get the AAD Credentials

To obtain the following credentials from the AAD application:

  • Client Id
  • Client Secret
  • Tenant Id

follow the instructions in this link :

Add the Client Id in the RCL Portal

A user must add the Client Id in the RCL Portal in order to associate the AAD application with the user’s RCL subscription.

  • Open the RCL Portal

  • In the ‘Subscription’ section, click on ‘API Client’, then click the ‘Register a Client Id’ button



  • Click the ‘Submit’ button when you are done.

Request an Access Token

To request an access token, use an HTTP POST to the Application-specific Azure AD token endpoint.<tenantId>/oauth2/v2.0/token

Replace the tenantId placeholder with the Tenant Id for the AAD Application.

Include the following parameters in the body of the POST request in the Form-UrlEncoded format :

  • grant_type : should be : client_credentials
  • client_id : the Client Id of the AAD Application
  • client_secret : the Client Secret of the AAD Application
  • resource : the RCL Core API resource, should be : a9e1b21d-061d-42d6-99d9-115a328cd062/.default

Example Request

POST /88cd9a7c-bc7c-3426-b9c2-2702c3b6b0e7/oauth2/v2.0/token HTTP/1.1           
Content-Type: application/x-www-form-urlencoded


Service Response

A success response contains a JSON response with an AuthToken in the body of the response. The Access Token can be acquired from the AuthToken.

Example Response

  "token_type": "Bearer",
  "expires_in": 3599,
  "access_token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik1uQ19WWmNBVGZNNXBP..."

Use the Access Tokens to Make a Request

To make a request to the RCL Core API, include the access token as a Bearer Authorization in the header of the request


GET /production/ssl/core/v1/certificate/subscription/I-TKGDBEFH2BEN/get/all
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik1uQ19WWmNBVGZNNXBP...