Body

client_id

string

Public client: Påkrevd. Benyttes ikke for confidential clients.

client_assertion_type

string

Påkrevd for confidential clients, skal ha verdien "urn:ietf:params:oauth:client-assertion-type:jwt-bearer". Benyttes ikke for public clients.

client_assertion

string

Påkrevd for confidentials clients. Benyttes ikke for public clients.

token

string

Hvis man har et refresh_token så skal det sendes inn, hvis ikke så skal access-tokenet sendes inn

200

OK

Body

error

error_description

400

invalid_request

The request is missing a required parameter, includes an
unsupported parameter value (other than grant type),
repeats a parameter, includes multiple credentials,
utilizes more than one mechanism for authenticating the
client, or is otherwise malformed

400

invalid_client

Client authentication failed (e.g., unknown client, no
client authentication included, or unsupported
authentication method). The authorization server MAY
return an HTTP 401 (Unauthorized) status code to indicate
which HTTP authentication schemes are supported. If the
client attempted to authenticate via the "Authorization"
request header field, the authorization server MUST
respond with an HTTP 401 (Unauthorized) status code and
include the "WWW-Authenticate" response header field
matching the authentication scheme used by the client.

400

unauthorized_client

The authenticated client is not authorized to use this
authorization grant type.

400

unsupported_grant_type

The authorization grant type is not supported by the
authorization server.

503

The authorization server is currently unable to handle
the request due to a temporary overloading or maintenance
of the server.