Sample code for 30+ languages & platforms
Go

Get Access Token using a Pre-Created JSON Web Token

See more ABN AMRO Examples

Demonstrates how to get an access token using a pre-created JSON Web Token (JWT).

Chilkat Go Downloads

Go
    success := false

    // This example requires the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // We're going to duplicate this CURL statement:
    // curl -X POST https://api-sandbox.abnamro.com/v1/oauth/token \
    // -H "Content-Type: application/x-www-form-urlencoded" \
    // -H "API-Key: xxxxxx" \
    // -d 'client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer&grant_type=client_credentials&client_assertion=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ4eHh4eHgiLCJleHAiOiIxNDk5OTQ3NjY4IiwiaXNzIjoibWUiLCJhdWQiOiJodHRwczovL2F1dGgtc2FuZGJveC5hYm5hbXJvLmNvbS9vYXV0aC90b2tlbiJ9.jGwHKG_YjgKpR8NPpaLu6nJ97obeP2vcxg6fOWBKdJ0&scope=tikkie'

    // Load our pre-creaed private key PEM file.
    // Note: Please share your public key along with your app name and developer email id at api.support@nl.abnamro.com. 
    // Token generation will not work unless public key is associated with your app.
    privkey := chilkat.NewPrivateKey()

    success = privkey.LoadPemFile("qa_data/pem/abnAmroPrivateKey.pem")
    if success == false {
        fmt.Println(privkey.LastErrorText())
        privkey.DisposePrivateKey()
        return
    }

    // Create the JWT.
    jwt := chilkat.NewJwt()

    // Create the header:
    // {
    //     "typ": "JWT",
    //     "alg": "RS256"
    // }
    jsonHeader := chilkat.NewJsonObject()
    jsonHeader.UpdateString("typ","JWT")
    jsonHeader.UpdateString("alg","RS256")

    // Create the payload:
    // {
    //     "nbf": 1499947668,
    //     "exp": 1499948668,
    //     "iss": "me",
    //     "sub": "anApiKey",
    //     "aud": "https://auth-sandbox.abnamro.com/oauth/token"
    // }
    jsonPayload := chilkat.NewJsonObject()

    curDateTime := jwt.GenNumericDate(0)

    // Set the "not process before" timestamp to now.
    success = jsonPayload.AddIntAt(-1,"nbf",curDateTime)

    // Set the timestamp defining an expiration time (end time) for the token
    // to be now + 1 hour (3600 seconds)
    success = jsonPayload.AddIntAt(-1,"exp",curDateTime + 3600)

    jsonPayload.UpdateString("iss","me")
    jsonPayload.UpdateString("sub","anApiKey")
    jsonPayload.UpdateString("aud","https://auth-sandbox.abnamro.com/oauth/token")

    // Produce the smallest possible JWT:
    jwt.SetAutoCompact(true)

    jwtStr := jwt.CreateJwtPk(*jsonHeader.Emit(),*jsonPayload.Emit(),privkey)
    if jwt.LastMethodSuccess() == false {
        fmt.Println(jwt.LastErrorText())
        privkey.DisposePrivateKey()
        jwt.DisposeJwt()
        jsonHeader.DisposeJsonObject()
        jsonPayload.DisposeJsonObject()
        return
    }

    http := chilkat.NewHttp()

    req := chilkat.NewHttpRequest()
    req.AddParam("client_assertion_type","urn:ietf:params:oauth:client-assertion-type:jwt-bearer")
    req.AddParam("grant_type","client_credentials")
    req.AddParam("client_assertion",*jwtStr)
    req.AddParam("scope","tikkie")

    req.SetHttpVerb("POST")
    req.SetContentType("application/x-www-form-urlencoded")

    resp := chilkat.NewHttpResponse()
    success = http.HttpReq("https://api-sandbox.abnamro.com/v1/oauth/token",req,resp)
    if success == false {
        fmt.Println(http.LastErrorText())
        privkey.DisposePrivateKey()
        jwt.DisposeJwt()
        jsonHeader.DisposeJsonObject()
        jsonPayload.DisposeJsonObject()
        http.DisposeHttp()
        req.DisposeHttpRequest()
        resp.DisposeHttpResponse()
        return
    }

    if resp.StatusCode() != 200 {
        fmt.Println(resp.BodyStr())
        privkey.DisposePrivateKey()
        jwt.DisposeJwt()
        jsonHeader.DisposeJsonObject()
        jsonPayload.DisposeJsonObject()
        http.DisposeHttp()
        req.DisposeHttpRequest()
        resp.DisposeHttpResponse()
        return
    }

    // Get the JSON result:
    // {
    //     "access_token": "{your access token}",
    //     "expires_in": "{duration of validity in seconds}",
    //     "scope": "{scope(s) for which the access token is valid}",
    //     "token_type": "{it is always Bearer}"
    // }
    json := chilkat.NewJsonObject()
    json.Load(resp.BodyStr())
    fmt.Println("access_token: ", *json.StringOf("access_token"))
    fmt.Println("token_type: ", *json.StringOf("token_type"))
    fmt.Println("expires_in: ", *json.StringOf("expires_in"))
    fmt.Println("scope: ", *json.StringOf("scope"))

    privkey.DisposePrivateKey()
    jwt.DisposeJwt()
    jsonHeader.DisposeJsonObject()
    jsonPayload.DisposeJsonObject()
    http.DisposeHttp()
    req.DisposeHttpRequest()
    resp.DisposeHttpResponse()
    json.DisposeJsonObject()