Create Client Credentials: cURL

In this topic, you will learn how to get a client_id and client_secret using curl and the OAuth API. Your client_id and client_secret are used in getting an access_token, which provides the authorization to make a call to a particular Brightcove API. You can see an example of how the access_token is retrieved in the OAuth Quick Start.

Overview

The best, first step to understand the information in this document is to look at the OAuth Overview if you have not done so yet.

There is also a UI for getting the client_id and client_secret:

Requirements

  • A valid Video Cloud account
  • A valid Perform account
  • Ability to run curl from a command line (see the note on curl above)

Overview

Getting the client_id and client_secret is just a POST call to the OAuth service, but you will need to have your account id and also your BC_TOKEN, which you can find in a temporary cookie when you are logged into Studio.

Note: The BC_TOKEN value is a cookie set when you open Studio. It has no relation to the API Management tokens you deal with in Studio.

Steps

Get your BC_TOKEN and account number

You will need to login to Studio to get your BC_TOKEN.

  1. Login to Studio as you normally do.
  2. You need your account number (referred to as the Publisher ID in Studio), which you can get by going to your account profile in Studio:
    Account Information
    Account Information
  3. With any page in Studio open, open the developer tools for the browser, go to the Console, and paste in the following code:

    and press return.

  4. You should see a prompt appear that contains your BC_TOKEN:
    BC_TOKEN
    BC_TOKEN
  5. If you have your BC_TOKEN, go on to the Get client credentials section; if for some reason you did not get your BC_TOKEN using the previous steps, just go to the Console, type document.cookie, and press return.
  6. All cookies for the page will be returned in a semi-colon-separated list. Find the BC_TOKEN cookie in the list, and copy the value:
    BC_TOKEN in Chrome Developer Tools
    BC_TOKEN in Chrome Developer Tools"

Get client_credentials

Now we are ready to make the call to the OAuth service to retrieve client credentials. We have to specify a client application name that we are requesting credentials for - the name is arbitrary, intended to help you keep track of what the credentials are for - and here we will just use "AnalyticsClient." We also have to specify the scope of the operations we want access to, and here we will use video-cloud/player/all perform/player/all (for the Player Management API). See API Operations for Client Credentials Requests for a list of all operations currently supported.

  1. Edit the following curl command, then paste it into the command line and press Return. You must provide your specific values for the following three values:
    • your BC_TOKEN
    • your credential name
    • your account id
    curl \
    --include \
    --header "Authorization: BC_TOKEN YOUR_BC_TOKEN" \
    --data {'name=YOUR_CREDENTIAL_NAME_GOES_HERE&maximum_scope=[{
        "identity": {
          "type": "video-cloud-account","type": "perform-account",
          "account-id": YOUR_ACCOUNT_ID
        },
        "operations": [
          "LIST_OF_OPERATIONS"[1]
        ]
    }]'} \
    https://oauth.brightcove.com/v4/client_credentials

    [1] See API Operations for available operations.

  2. The response should look like this (formatting added):
    {
        "client_secret":"HHxp9xn0yxMqktLEG2DhzjYB4g6AN2cl02KudMvfK-3dT6JRtiR1tUZ7LiwtHI5vqo4VT7LuD6tM4c0llEw2Rw",
        "issued_at":"2014-08-11T17:37:24Z",
        "name":"Test Client",
        "redirect_url":null,
        "description_html":"My my test players app",
        "issued_to":"your email address",
        "client_id":"9309bb5d-90fb-4d3a-aba4-1795dd5fa0b8",
        "maximum_scope":[{
          "identity":{"type":"video-cloud-account"perform-account,
          "account-id":57838016001},
          "operations":["video-cloud/player/all"]["perform/player/all"]
        }],
        "trusted":null,
        "type":"credential",
        "description":"My my test players app",
        "expires_at":null,
        "revoked":null,
        "name_html":"Test Client",
        "issued_user":53255203001
    }
  3. Copy and save the client_id and client_secret, as you will need these anytime you need to get an access_token.