Reputation: 824
How to securely get access token from Marketo
Marketo Rest API exposes a GET call to oauth/token uri, which exposes clientId and clientSecret parameters to all internet hops between the 2 networks. Am I missing something or is there a way we can securely get an access token?
Upvotes: 0
Views: 349
Answers (2)
Reputation: 824
I actually got my facts wrong, basically this get call is https, and query parameters will be sent encrypted over the wire once it establishes a secure connection to the server. Only caveat I found is that a server admin can read the credentials in clear text if browsed server file system which is a low risk.
Upvotes: 0
Reputation: 527
Marketo also has a POST method for this endpoint where you can send the clientId and clientSecret as x-www-form-urlencoded POST parameters
curl -X POST -H "Cache-Control: no-cache" -H "Content-Type: application/x-www-form-urlencoded" -d 'client_id=MY_CLIENT_ID&client_secret=MY_CLIENT_SECRET&grant_type=client_credentials' "https://MY_MARKETO_URL/identity/oauth/token"
Upvotes: 0
Related Questions
- How to use access tokens to get authorization to access REST APIs
- How do I use Marketo REST API with Postman?
- Sharepoint Rest API Authentication issues with Access Token Header
- Get auth token using post request
- Secure Web API with token c#
- Getting an access token in ASP.NET 5
- use authentication token in restful C#
- Get an access token from sign now REST APIs?
- Asp.net Web Api 2 - how to get access_token from C# code
- REST API token authentication