Authorization Rules
Milesight Development Platform API utilizes OAuth 2.0 for authorization, granting your applications access to resources on Milesight Development Platform through secure tokens, eliminating the need for user credentials. This topic explains the authorization process and the token validity period.
Authorization process
The diagram below shows the process of an application accessing Milesight Development Platform via OAuth2.0.
- An application uses the credentials (Client ID and Client Secret) obtained from Milesight Development Platform to request an access token, which is required for the application to access Milesight Development Platform API.
- Milesight Development Platform validates the credentials, and sends an access token along with a refresh token.
- The application calls the Milesight Development Platform API by passing the
access token either in an
Authorization
HTTP headerBearer
value or in anaccess_token
query parameter. - Upon receiving the request, Milesight Development Platform authenticates the access token and returns a response, providing the information requested by the API call.
- Access token expires 1 hour after it is issued, you need to refresh the access token before it expires.
Token validity period
- Access token is valid for 1 hour
- Refresh token is valid for 30 days