POST {customer}/tokens/clients

Exchange a given access client id and secret for a Citrix Cloud token local or remote.

Request Information

Authorization header

None.

Note: This endpoint is globally aware. It can handle requests regardless of which geographic location is storing the data.

  • The global functionality only works when using the Global Server Load Balanced (GSLB) address (e.g. core.citrixworkspacesapi.net), rather than a geo direct address (e.g. core-us.citrixworkspacesapi.net).

Access Control

All authorized requests.

URI Parameters

NameDescriptionTypeAdditional information
customer

The account name used when on-boarding the customer. The call will be made using this customer context.

string

Required

The special value root is used if the call is not for a specific customer scope.

Body Parameters

The payload with the client id and secret.

ClientCredentials
NameDescriptionTypeAdditional information
ClientId

The client id.

string

Required

String length: inclusive between 0 and 8192

ClientSecret

The client secret.

string

Required

String length: inclusive between 0 and 8192

Request Content

application/json, text/json

Sample:
{
  "clientId": "3e914a52-4b70-478d-a576-ab025bb6b630",
  "clientSecret": "f779e0ff9026dfe2f3fb=="
}

Response Information

Resource Description

A Citrix Cloud token.

TokenExchangeResult
NameDescriptionTypeAdditional information
Principal

The user email.

string

None.

Locale

The admin locale.

string

None.

Subject

The user id.

string

None.

Token

The Citrix Workspace Cloud token.

string

None.

OpenIdToken

The identity token associated with the bearer token

string

None.

ExpiresIn

Seconds to expire.

integer

None.

Response Content

application/json, text/json

Sample:
{
  "principal": "user@domain.com",
  "locale": null,
  "subject": "454714400451294457025",
  "token": "<cws_token>",
  "openIdToken": null,
  "expiresIn": 3600
}