(Tcl) citi Developer OAuth2 Client Credentials Grant

Get access token for your application credentials. You can use this for citi APIs which do not require customer credential verification and consent (e.g. Onboarding).

For more information, see https://sandbox.developerhub.citi.com/api/united-states/retail-bank/identity-security/authorize/documentation

Chilkat Tcl Extension Downloads Chilkat Tcl Extension Downloads

load ./chilkat.dll

# This example assumes the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

set http [new_CkHttp]

# Implements the following CURL command:

# curl --request POST \
#   --url https://sandbox.apihub.citi.com/gcb/api/clientCredentials/oauth2/token/us/gcb \
#   --header 'accept: application/json' \
#   --user client-id:client-secret \
#   --header 'content-type: application/x-www-form-urlencoded' \
#   --data 'grant_type=client_credentials&scope=%2Fapi'

CkHttp_put_Login $http "client-id"
CkHttp_put_Password $http "client-secret"

set req [new_CkHttpRequest]

CkHttpRequest_put_HttpVerb $req "POST"
CkHttpRequest_put_Path $req "/gcb/api/clientCredentials/oauth2/token/us/gcb"
CkHttpRequest_put_ContentType $req "application/x-www-form-urlencoded"
CkHttpRequest_AddParam $req "grant_type" "client_credentials"
CkHttpRequest_AddParam $req "scope" "/api"
CkHttpRequest_AddHeader $req "accept" "application/json"

# resp is a CkHttpResponse
set resp [CkHttp_PostUrlEncoded $http "https://sandbox.apihub.citi.com/gcb/api/clientCredentials/oauth2/token/us/gcb" $req]
if {[CkHttp_get_LastMethodSuccess $http] == 0} then {
    puts [CkHttp_lastErrorText $http]
    delete_CkHttp $http
    delete_CkHttpRequest $req
    exit
}

set sbResponseBody [new_CkStringBuilder]

CkHttpResponse_GetBodySb $resp $sbResponseBody
set jResp [new_CkJsonObject]

CkJsonObject_LoadSb $jResp $sbResponseBody
CkJsonObject_put_EmitCompact $jResp 0

puts "Response Body:"
puts [CkJsonObject_emit $jResp]

set respStatusCode [CkHttpResponse_get_StatusCode $resp]
puts "Response Status Code = $respStatusCode"
if {$respStatusCode >= 400} then {
    puts "Response Header:"
    puts [CkHttpResponse_header $resp]
    puts "Failed."
    delete_CkHttpResponse $resp

    delete_CkHttp $http
    delete_CkHttpRequest $req
    delete_CkStringBuilder $sbResponseBody
    delete_CkJsonObject $jResp
    exit
}

delete_CkHttpResponse $resp

set success [CkJsonObject_WriteFile $jResp "qa_data/tokens/citi_client_credentials.json"]
if {$success == 0} then {
    puts "Failed to save JSON access token file."
    delete_CkHttp $http
    delete_CkHttpRequest $req
    delete_CkStringBuilder $sbResponseBody
    delete_CkJsonObject $jResp
    exit
}

#  Sample JSON response:
#  (Sample code for parsing the JSON response is shown below)

#  {
#    "token_type": "bearer",
#    "access_token": "AAIkMjdh ... 3fsWb7zJ0s",
#    "expires_in": 1800,
#    "consented_on": 1584817860,
#    "scope": "/api"
#  }

#  Sample code for parsing the JSON response...
#  Use the following online tool to generate parsing code from sample JSON:
#  Generate Parsing Code from JSON

set token_type [CkJsonObject_stringOf $jResp "token_type"]
set access_token [CkJsonObject_stringOf $jResp "access_token"]
set expires_in [CkJsonObject_IntOf $jResp "expires_in"]
set consented_on [CkJsonObject_IntOf $jResp "consented_on"]
set scope [CkJsonObject_stringOf $jResp "scope"]

delete_CkHttp $http
delete_CkHttpRequest $req
delete_CkStringBuilder $sbResponseBody
delete_CkJsonObject $jResp