Product: Partner Portal
Audience: Partner Administrator, Partner Developer
Exchanging response code for access token
Once you receive a a code from the initial request, you must now exchange the code for an access token which is used in REST API calls.
The response code can be found in the redirect_uri
https://www.classlink.com/?code=c16055576737839eb71b7fb5a29ded0b71f1b7528a3bc5&response_type=code
You will do a POST request to the token endpoint https://launchpad.classlink.com/oauth2/v2/token with the code, client_secret and client_id in the post body.
The client_secret and client_id are assigned to your application in the ClassLink Dev Console.
There are several great REST API clients you can use for testing. For Chrome, the Advanced Rest Client is easy to use.
Firefox has an add-on called REST Client. The RESTClient for Firefox can automatically exchange and embed the token in your REST API calls.
Content-Type
Ensure you use content-type application/x-www-form-urlencoded in your header. Some REST API clients will automatically add this to your header.
The token endpoint will verify your client_id, client_secret, code and then respond with your access_token. The id_token encodes the user information and this will be used in the next step.
Your response code expires in 5 minutes!
Use your response code right away because it will automatically expire after 5 minutes. Access tokens are good for 24 hours.
Now you are ready to access the APIs!
Updated: November 2020