--- swagger: "2.0" info: x-ibm-name: oauth-2 title: OAuth 2.0 version: 1.0.0 termsOfService: https://vp1npmqdp01-v1.genco.com:4433 description: "" schemes: - https basePath: /fsc securityDefinitions: clientID: description: The client ID you received when you first registered an app in FedEx Supply Chain API Developer Portal. in: query name: client_id type: apiKey clientIdHeader: in: header type: apiKey name: X-IBM-Client-Id clientSecretHeader: in: header type: apiKey name: X-IBM-Client-Secret security: - clientID: [] paths: /oauth2/authorize: get: produces: - text/html summary: FedEx Supply Chain OAuth 2.0 Authorization endpoint, which brings the FedEx Fulfillment Login page to the user description: description parameters: - name: response_type in: query description: The response_type has to be “code” to indicate to the Authorization Server to receive the authorization code. required: true type: string enum: - code - token - name: scope in: query description: 'One or more scope values to indicate which part of user’s account data you want to access. E.g: Fulfillment_Returns' type: string required: false - name: redirect_uri in: query type: string description: Indicates the URI to return the user to after authorization is complete. required: false - name: state in: query type: string description: A unique ID generated by your application that you can verify later. This will be returned by Authorization Server unmodified. required: false - name: org_name type: string required: true in: query description: Partner or organization name. responses: 200: description: An HTML form for authentication or authorization of this request. 302: description: Redirect to the clients redirect_uri security: - clientID: [] post: consumes: - application/x-www-form-urlencoded produces: - text/html summary: Submit approval to authorization code or access token description: | Submit resource owners approval (or rejection) for the OAuth2 Server to issue an authorization code or access token to the application. security: [] parameters: - name: client_id in: formData description: The client ID you received when you first registered an app in FedEx Supply Chain API Developer Portal. required: true type: string - name: scope in: formData description: 'One or more scope values to indicate which part of user’s account data you want to access. E.g: Fulfillment_Returns' required: true type: string - name: resource-owner in: formData description: Resource owners user name required: true type: string - name: redirect_uri in: formData description: URI the application is requesting this code or token to be redirected to required: true type: string - name: original-url in: formData description: URL of the original authorization request required: true type: string responses: 200: description: Cool /oauth2/token: post: summary: Request Access Tokens and Refresh Token description: This endpoint allows requesting an access token following one of the flows below:- Authorization Code (exchange code for access token) - Refresh Token (exchange refresh token for a new access code) security: [] parameters: - name: grant_type in: formData description: "Indicates the grant type for the API call. Valid Values: •\t“authorization_code”: this is used to retrieve the initial access token. The code parameter must be passed with the authorization code retrieved from the authorize API call. •\t“refresh_token”: this is used to refresh the access token. The code parameter must be passed with the refresh_token value from the initial token API call." type: string required: true enum: - authorization_code - password - client_credentials - refresh_token - name: client_id in: formData description: The client ID you received when you first registered an app in FedEx Supply Chain API Developer Portal. required: true type: string - name: client_secret in: formData description: The client secret you received when you first registered an app in Fulfillment Platform Developer Portal. required: true type: string - name: code in: formData description: The code is either the value of the authorization code or the refresh token, depending on the grant_type. required: false type: string - name: redirect_uri in: formData description: Indicates the URI to return the user to after authorization is complete. required: false type: string - name: username in: formData type: string description: Resource owner username required: false - name: password in: formData type: string description: Resource owner password required: false - name: scope in: formData type: string description: 'One or more scope values to indicate which part of user’s account data you want to access. If it is provided, the default is used based on the settings in your Developer Portal. NOTE: The scope is space delimited list of scope values. Default scope FulFillment_Returns' required: false - name: refresh_token in: formData type: string description: The refresh token that the client wants to exchange for a new access token (refresh_token grant_type) required: false - name: org_name type: string required: true in: header description: Partner or organization name. - name: x-org-name type: string required: true in: header description: Partner or organization name for password flow responses: 200: description: json document containing token, etc. schema: $ref: '#/definitions/access_token_response' 400: description: json document that may contain additional details about the failure produces: - application/json - text/json consumes: - application/x-www-form-urlencoded /oauth/introspect: post: responses: 200: description: 200 OK parameters: - name: token type: string required: false in: formData description: String value of the access_token to be introspected - name: token_type_hint type: string required: false in: formData description: This must contain 'access_token' to indicate the token type x-ibm-configuration: testable: true enforced: true phase: realized type: oauth definitions: access_token_response: type: object additionalProperties: false required: - token_type - access_token - expires_in properties: token_type: enum: - bearer access_token: type: string expires_in: type: integer scope: type: string refresh_token: type: string produces: - application/json x-ibm-endpoints: - endpointUrl: https://api-sandbox.supplychain.fedex.com/api/sandbox type: - development ...