Cengel ID
Cengel IDDeveloper Portal

API Endpoints

Complete reference for all OAuth and OpenID Connect endpoints.

Authorization Endpoint

GET
/api/v2/oauth/authorize

Query Parameters

ParameterTypeRequiredDescription
response_typestringYesMust be "code"
client_idstringYesYour application's client ID
redirect_uristringYesMust match a registered redirect URI exactly
scopestringNoSpace-separated list of scopes (defaults to "openid")
statestringRecommendedRandom string for CSRF protection
noncestringRecommendedRandom string for replay attack prevention (OpenID Connect)

Response

Cengel ID redirects to your redirect_uri with:

?code=AUTHORIZATION_CODE&state=YOUR_STATE

Or on error:

?error=ERROR_CODE&error_description=DESCRIPTION&state=YOUR_STATE
Error Response Codes
Error CodeTypeDescription
invalid_requeststringRequest is missing a required parameter, includes an invalid parameter value, includes a parameter more than once, or is otherwise malformed
unauthorized_clientstringClient is not authorized to use this authorization flow
access_deniedstringThe resource owner or authorization server denied the request
invalid_scopestringThe requested scope is invalid, unknown, or malformed
server_errorstringThe authorization server encountered an unexpected condition that prevented it from fulfilling the request
temporarily_unavailablestringThe authorization server is currently unable to handle the request due to a temporary overloading or maintenance of the server

Token Endpoint

POST
/api/v2/oauth/token

Request Body (JSON)

{
  "grant_type": "authorization_code",
  "code": "AUTHORIZATION_CODE",
  "client_id": "YOUR_CLIENT_ID",
  "client_secret": "YOUR_CLIENT_SECRET",
  "redirect_uri": "YOUR_REDIRECT_URI"
}
Request Body Fields
FieldTypeRequiredDescription
grant_typestringYesMust be "authorization_code"
codestringYesAuthorization code from the authorization endpoint
client_idstringYesYour application's client ID
client_secretstringYesYour application's client secret
redirect_uristringYesMust match the redirect_uri used in the authorization request

Response

The API returns 200 OK with:

{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "token_type": "Bearer",
  "expires_in": 1800,
  "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
  "id_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
}
Response Fields
FieldTypeStatusDescription
access_tokenstringRequiredJWT token for API access (expires in 30 minutes)
token_typestringRequiredAlways "Bearer"
expires_innumberRequiredAccess token lifetime in seconds (1800=30 minutes)
refresh_tokenstringRequiredJWT token for obtaining new access tokens (expires in 7 days)
id_tokenstringRequiredJWT containing user identity information (OpenID Connect)

Refresh Token Request

{
  "grant_type": "refresh_token",
  "refresh_token": "YOUR_REFRESH_TOKEN",
  "client_id": "YOUR_CLIENT_ID",
  "client_secret": "YOUR_CLIENT_SECRET"
}

UserInfo Endpoint

GET
/api/v2/oauth/userinfo

Headers

Authorization: Bearer YOUR_ACCESS_TOKEN

Response

The API returns a response structure that depends on the granted scopes. See the User Info section for details.