# Access token {% hint style="info" %} ***This page must be considered part of the iSHARE Framework*** *This page is considered normative and is therefore compliant with RFC 2119.* {% endhint %} OpenID Connect endpoint for obtaining the OAuth access token and OpenID Connect ID token. Response contains, besides the OAuth access token, also an iSHARE-compliant JWT `id_token`. ### Request #### HTTP methods * POST #### Headers * `Content-Type` **String**. Defines the request body content type. MUST be equal to *application/x-www-form-urlencoded*. #### Parameters * `grant_type` **String**. OAuth 2.0 grant type. MUST be equal to *authorization\_code* because the code which was retrieved from the authorise[ endpoint](https://dev.ishare.eu/identity-provider/authorize) will be used. * `client_id` **String**. OpenID Connect 1.0 client ID. This parameter represents the iSHARE identifier of the Service Provider, so "id" must be used. * `client_assertion_type` **String**. OpenID Connect 1.0 client assertion type. Used in iSHARE for all client identification for OAuth/OpenID Connect. MUST be qual to *urn:ietf:params:oauth:client-assertion-type:jwt-bearer*. * `client_assertion` **String (JWT)**. OpenID Connect 1.0 client assertion. Used in iSHARE for all client identification for OAuth/OpenID Connect. MUST contain [JWT token conforming to iSHARE specifications](https://dev.ishare.eu/reference/ishare-jwt), signed by the client. * `redirect_uri` **String**. Redirect URI which was used in the authorisation OAuth request. * `code` **String**. OAuth 2.0 authorisation code. MUST be equal to a value of authorisation code which was received from the Identity Provider or Identity Broker in response to the /authorise request. #### Example ``` > Content-Type: application/x-www-form-urlencoded POST /connect/token grant_type=authorization_code& client_id=did:ishare:EU.NL.NTRLNL-100000001 client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer& client_assertion=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsIng1YyI6WyJNSUlHaURDQ0JIQ2dBd0lCQWdJVVJNSUwrb21nNnY1cFU2cUZPTUZjZUcxWWpEQXdEUVlKS29aSWh2Y05BUUVMQlFBd1hURWVNQndHQTFVRUF3d1ZaVWxFUVZObFUwVkJURTlKUkY5SmMzTkRRVWMwTVJrd0Z3WURWUVJoRXhCT1ZGSk9UQzFwVTBoQlVrVlVSVk5VTVJNd0VRWURWUVFLRXdwcFUwaEJVa1ZVWlhOME1Rc3dDUVlEVlFRR0V3SllXREFlRncweU5ERXhNRFl4TkRRMU5ERmFGdzB5TnpFeE1EWXhORFExTkRCYU1HWXhDekFKQmdOVkJBWVRBazVNTVI0d0hBWURWUVFLREJWVVpYTjBJRk5sY25acFkyVWdRMjl1YzNWdFpYSXhIakFjQmdOVkJBTU1GVlJsYzNRZ1UyVnlkbWxqWlNCRGIyNXpkVzFsY2pFWE1CVUdBMVVFWVF3T1RsUlNUa3d0TVRBd01EQXdNREV3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQkFRRFlTS092bUI2VXhFYVlPUFQ3QVBnVTRtYXVTaDl2YlBhY0p0TTNhNGNkek44S2lwcGpvV1NiZ3I2SmI0RmM3dEd2Tms2bnZXWkhsSHpBREZlMGFRSUdsOElEaHVxMUJoWEpUeEhaNGtydy82QUViQy9HUmNndEpkY2FubGMzV2tNNXJNRXNvRFJkOGdPdk5Ubkw3bTUyRElXYjNSUzhiQ2l0Vkg2cW4zaG9XU3dYOVhlZVU2SnJHdTFrcDZsZlQxOXUxekpLWnVCYUIwSWE0dXptTStRU2Qxa1U2UGVDWFErdHJFZlZVUWtQOGcvcnpaR25TSDh1N05xaXd3VWZGU2lhVXlxOVA0SXArSzBKQlR0QXVROXhwUTZ3UXh0MGlvRk5GYjlpcG1jM3h4ZWtvd01SeWtaekVkb0hPL3luWTNXNHNiVFNsMmVONEVtZkh6UUdSTEpMQWdNQkFBR2pnZ0kxTUlJQ01UQU9CZ05WSFE4QkFmOEVCQU1DQmtBd0RBWURWUjBUQVFIL0JBSXdBREFmQmdOVkhTTUVHREFXZ0JTekdrOUNRT25ZZUoxci8vd2tzQkN4TkR6d2lUQlhCZ2dyQmdFRkJRY0JBUVJMTUVrd1J3WUlLd1lCQlFVSE1BR0dPMmgwZEhCek9pOHZZMkUzTG1semFHRnlaWFJsYzNRdWJtVjBPamcwTkRJdlpXcGlZMkV2Y0hWaWJHbGpkMlZpTDNOMFlYUjFjeTl2WTNOd01CQUdBMVVkSUFRSk1BY3dCUVlEVlIwZ01COEdBMVVkSlFRWU1CWUdDQ3NHQVFVRkJ3TUVCZ29yQmdFRUFZSTNDZ01NTUZzR0NDc0dBUVVGQndFREJFOHdUVEFUQmdZRUFJNUdBUVl3Q1FZSEJBQ09SZ0VHQWpBMkJnZ3JCZ0VGQlFjQkF3d3FWR2hwY3lCcGN5QjBaWE4wSUdWelpXRnNJR05sY25ScFptbGpZWFJsSUdadmNpQjBaWE4wYVc1bk1CNEdCV2VCREFNQkJCVXdFeE1EVGxSU0V3Sk9UQXdJTVRBd01EQXdNREV3Z2NjR0ExVWRId1NCdnpDQnZEQ0J1YUNCdHFDQnM0YUJzR2gwZEhCek9pOHZZMkUzTG1semFHRnlaWFJsYzNRdWJtVjBPamcwTkRJdlpXcGlZMkV2Y0hWaWJHbGpkMlZpTDNkbFltUnBjM1F2WTJWeWRHUnBjM1EvWTIxa1BXTnliQ1pwYzNOMVpYSTlRMDRsTTBSbFNVUkJVMlZUUlVGTVQwbEVYMGx6YzBOQlJ6UWxNa052Y21kaGJtbDZZWFJwYjI1SlpHVnVkR2xtYVdWeUpUTkVUbFJTVGt3dGFWTklRVkpGVkVWVFZDVXlRMDhsTTBScFUwaEJVa1ZVWlhOMEpUSkRReVV6UkZoWU1CMEdBMVVkRGdRV0JCUmR5VU5QaXdlMldwcnd6WWd2eVorNmZDMW9OREFOQmdrcWhraUc5dzBCQVFzRkFBT0NBZ0VBc1hackZHNWFqc0ZOZ1RmbG5iVGZENmFML1cwTzl1eXdRN1ZUVHVyWkhib0hUeERJSUwzR3E5VmovZDB2cEpKZ3JmeXNuUi9NQkhDOWZYb25WOVd1d1NLaG85MW1IcXVVYzd5dGx5RndvQU41Uk9WSVIxUkJoVW9zTUcwSmdUdzVQZ1c5eFhCb2dBWis3RUZEaU03MEJKVXIrb2pxbFoyeVlTMzI0SURDcGdGZTl5U1hpbnpUZzgrZDNqQnNRTEUwSVhuUi8rZE5OdGhIaEFsMUhMZmw2d1o5UmJQcFpncDBBZUNjZEtibjFJZlV6ZVBZTW5SeXVEalJnbm1RWVZZRDMxUWE2OGd4NVlzMXFiL2ZZd1NTcGVFUjBaZjA2UzBleFBVWVNodE93UmxZcWlhMno4TGdONFR1cmR3Y0RjVGlqbWVrRTkrL29TU0lUZWhGcm9BMmVITHNxWXRlOGpRZ0ZCUEVjeTJzeUZ3MVZGRHFUYS9HbkpKa29GQ2Y4alBubG5BSEVGSm1raEFaM3hlUDFEYWczMENQK2FvQ1FWTnlraE81WjczVjZCcE5oZHBnYVlYNEIvUVJlUFVocVVvWWJITGVmQWx5TzdTRlJhaHljVytvNjZLNUd1ZXB0Z3RRMkRycmp2Q3RhQ0c4RXRKY3ppaEFqQk4wT1Fac1FXblU4dm9vTHNzK1JtZmc5TVhUUjhrODVjWVQ5Wk1kVS80NnpsZ0FNSWFKaXp2OGo0ZUhhS2dmUkJCMWd3NzFvVzk3b1c1UUtReDg2MVVyUjF1MERKbVNRU1V3Tllsb3BLVlJuSHZYSldVSXJlT3FMZlNTQi8xdVZRZnZxMFV6c0pLZGVPQ0tSTHBYWGd4QjN3N1MyKzVLRkVUUzd0Y2JaNm1JeFpsSmxoMFZSU3M9IiwiTUlJRjJqQ0NBOEtnQXdJQkFnSVVQRzMrVEFueFZPQmNlOU5hUHQ5cFRBZ201UjR3RFFZSktvWklodmNOQVFFTEJRQXdRakVlTUJ3R0ExVUVBd3dWWlVsRVFWTmxVMFZCVEU5SlJGOVRkV0pEUVVjek1STXdFUVlEVlFRS0V3cHBVMGhCVWtWVVpYTjBNUXN3Q1FZRFZRUUdFd0pZV0RBZUZ3MHlNekE0TWpVd09UQXhNekphRncwME9EQTRNalV3T1RBd01EVmFNRjB4SGpBY0JnTlZCQU1NRldWSlJFRlRaVk5GUVV4UFNVUmZTWE56UTBGSE5ERVpNQmNHQTFVRVlSTVFUbFJTVGt3dGFWTklRVkpGVkVWVFZERVRNQkVHQTFVRUNoTUthVk5JUVZKRlZHVnpkREVMTUFrR0ExVUVCaE1DV0Znd2dnSWlNQTBHQ1NxR1NJYjNEUUVCQVFVQUE0SUNEd0F3Z2dJS0FvSUNBUURhblVnTTEvUFF5WE5UWCtVT0xHclpqUzhIYVRXUi9QNHhEOFNNQ1J4T1hIS3pITFFxRVFPdUhEL3crcng5L2JFd3pINHdWZkowbTYvcjU2S09nMHdMVWxWd095aWtPWEdvSVREMnUrVWk5dDI0dFlJa3g4empMRzdWSFZjdzRkWE90OTJzdktZMUx5YnZscHJvV3pUSGxSd29JTzFZUTRoTytyeWJzdy9LRURFWFVia293amxIQVBjd25zT1c2NDM2N0VOK2V6VDFzUzhkekZJeG1HOHFDMkxyTTJzWEpXcXE1dkplRS84NlRmWjJOTU8rQ1V4a2pqN3VQZ2JXMlYvTU9VaFl5QXRHQWp6ZC9Ld09yTE1STVlhWE9JajYxbThSNzFuaC9MVjluOGRuajB3VFFPTlRIaHVNN21kWlF4aHFPZGtMMmNrU3JCV2kzYXRFVlQxT2hCUlg0Rm1taElobVNXdUN0Z3lLaURDSW90eUdBc1gybzY4MTdmZWU0UmR0d2Z3OVE0b04zTkFodG9kNjBpT0FXQXBWdCtCVDV0dmRnR09ZV1BjYk1SNXBHemJwMzhkR1V5dXdZWlY0TEFuSUdTbTV5YXVjTkUyRTJ4clFDYkVlWm00UlBzeDVKbGVXemlways0MmQ3dnF2V0Q4OElRY1ErYlpNMlg0ckpCWk5zMTY2Q2x4K202SG1LeEtBTGViVXRqc3pzZ3lIOGNxMTBkK2s0QW84b0NhT1lqdjJJYUViTWQrZlYvVWY4a1BrelR0S2x0dGRxaWl4b0lxeWNYTUVnQmFTZ2t1YjdYb1E2SzI2dFJQSjB3NVFrdXVoM01LdEdFV2ZXN0VFR21wbkNxak92Ni9yQU1KaU1XeWgxSWdMZ05CVVBQN3phVlBwREF0Qzg4T1NKUUlEQVFBQm80R3NNSUdwTUJJR0ExVWRFd0VCL3dRSU1BWUJBZjhDQVFFd0h3WURWUjBqQkJnd0ZvQVU0dWJYMHA2RFZqTjlES3RPV1dNWUFzK0h4ZFF3R0FZRFZSMGdCQkV3RHpBRkJnTlZIU0F3QmdZRVZSMGdBREFwQmdOVkhTVUVJakFnQmdnckJnRUZCUWNEQWdZSUt3WUJCUVVIQXdRR0Npc0dBUVFCZ2pjS0F3d3dIUVlEVlIwT0JCWUVGTE1hVDBKQTZkaDRuV3YvL0NTd0VMRTBQUENKTUE0R0ExVWREd0VCL3dRRUF3SUJCakFOQmdrcWhraUc5dzBCQVFzRkFBT0NBZ0VBWnY1R3VreDBQRXZWUkVJdDhNVGFQZkNINGF3eWlpWXlpMTdoNlI1TExrMXJlcndRc1NTU0hmVnFmdGR3UkYwb2NMcDJQWEpoZTA3NXFWNDA2QzA0Q2phbU5rM2V6OVppTkhDTmpQdGZpZDZvT3hxejFYazhYUGpOWUVsYkFGbVA3ZUtsLzQ0MXZaaEd1ay9SaFhHTnhRYnRvMFExNmc4SVJjR0R2V2dOaHRydEIxRzJ4U210QjFTMnVVcFNhaVpWTk9ya2R6VGhpRUpzZVVSQm9YeFVYSXFwTHlQVFJsNk1NZ1ZhTEdSWVJjM3ZZaWo0QjdNMmhCTjcvY2puR0xzTVZ0Z2JPdjZDVjIxZzJTWG93YmdPcXpCeUg1MVVUUjZPYkhpR2owa1NDQUxHMTRJUVBrelFQaVNwanUrKzlNMmpBalBNM280MjFaT1VETVAyNDZDc3FQWHJUQWJQWEpWVVIvZ2k0dTUza216QzIxMGp2VnE5aEh3ZWx4UU9UUEZobE02RTFDaDRKYjRQUVJMS0RQRmwrNU5XNEZ5MkpBRGp5dXB5VkhuY2RMRXVQeTBQZ0NMMllvMTQ3SFNwUGo0dTdqYzFSbUhVN05PMTJFVjJaQ01mRmxSd2RHdjZpZjhxTzdzLzZscFpKanBQdExFT2JBNXRENGFoYythUE5BaTlXQ2swcGVSbTFLRTVWR0RXS0ZOU05BaUxKTnpQN20yUTZ5OGZPeTM4Y05nRkJoR09GL0tnRUlzVDEwVis1SzVvK3lsVlZ0UFZlUlJFTkV2S085RUxremUwSUhnc1RCLzZjd09pajRweE05SnZhdWowNkdnbGhJaGlJQTZxMGlEVXFCMU1VUjBIemlZOUJzbldZOWtSOGh3VjNPVytuc216dFF3R1ZFdzJralU9IiwiTUlJRmpqQ0NBM2FnQXdJQkFnSVVGajkvM2pHT1JodElwWjk4T0xSdFJIczBBWXN3RFFZSktvWklodmNOQVFFTEJRQXdRVEVkTUJzR0ExVUVBd3dVWlVsRVFWTmxVMFZCVEU5SlJGOVNiMjkwUnpJeEV6QVJCZ05WQkFvVENtbFRTRUZTUlZSbGMzUXhDekFKQmdOVkJBWVRBbGhZTUI0WERUSXpNRGd5TlRBNU1EQTBORm9YRFRRNE1EZ3lOVEE1TURBd05Wb3dRakVlTUJ3R0ExVUVBd3dWWlVsRVFWTmxVMFZCVEU5SlJGOVRkV0pEUVVjek1STXdFUVlEVlFRS0V3cHBVMGhCVWtWVVpYTjBNUXN3Q1FZRFZRUUdFd0pZV0RDQ0FpSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnSVBBRENDQWdvQ2dnSUJBTDduemt5b0ZYV2cxZ2hkRzZmbnV6dXZBZE1Xc20vSSttWDNEYnozSS9LeXFMZFd0N1hHM09XVlNuaG9zQUQyVzJTWG5sR1hxeHllMGhQdEVna1FJZGVsN0ZuRm9zV1dyc0VPcmF0Z1hsbk00TldwWURLTVdFVllybzdoekhnQ1oxMjZaUFFVTGxzNTJOY3ZwUk04UzNkWmsrWEsxa2YzVmVTMEoyaFVTRkVBWkhMeVhDWGtoVG5VSTdxbzF1cjFUbURXWXNOUXd4REdPdTdDUXlaWWRLSXdLcUk5ZUdzUkxnTTZQUWxnM3ZaQ3JvcE9vZE03bG9UdWlyQ2wzVUt3NEhyR2syY09pQWY0SWQvL2VhVkNhZndraktzSlRRdUFhaHVSejRxTXNIWUEza0RReiswK2hnblI3NHIraUxyKzhscjA0NGdsbmFXSVd2ckVHY2lSUitQZWN0ZnJMT1FRSVc3aGExM2R6V296a1QwYWduVDFMay9DR3JnTlhWcWhvc0dDMHJ1QVFQSTZEY1BOeTJJTk05Smd0Q21Cc1NqTU0xODVGSUJYNEN5MTdtNzNoOXJLalhaTXhiNlR4WDdDSVp5ZXNnQVMwYkJSYjZ4SXBLc1pybHJqRWF6c2pDMlZIUlJXT01KV1lxY1hMRDVaTnpHTVpVcjZUdDJ5Q1VBdGFtZWNEQVRLTjYvR2JzeGUwdEFCTjBwazByeDVpYys0VFhkQnJvTjlPQVpjaEg0dEpDc09DS29uQ3pBcFB4VlRoRE5NeHNvb3lGcTlEbWdYaHlFVU9Pb2VTK0ZyNEZnSCtqU0FObS9sMTc4Smg5ZXBmWFE5Z0UvNmFxUHhZak5TQmdTNjBTMUVWcUNweHcyclQxbVVZZUdmd2liVm01M2l4R3B0UjhrdGU3MG5BZ01CQUFHamZUQjdNQThHQTFVZEV3RUIvd1FGTUFNQkFmOHdId1lEVlIwakJCZ3dGb0FVMkx1Yk5TMWJQKy9oYTh2TURNK2lMcnBwZW93d0dBWURWUjBnQkJFd0R6QUZCZ05WSFNBd0JnWUVWUjBnQURBZEJnTlZIUTRFRmdRVTR1YlgwcDZEVmpOOURLdE9XV01ZQXMrSHhkUXdEZ1lEVlIwUEFRSC9CQVFEQWdFR01BMEdDU3FHU0liM0RRRUJDd1VBQTRJQ0FRQjhqcVlVdzdUditXNFpIMDZQcmFGNnpmZEN4VDAzRGhSQ2h3NFovUW0wWFZTMmdSeVJ3Y01wdFFGRVJoUE5PQTIyMXU5THFveloxYUszQjM1d2tjR0QvZEZKZ0pDSkI5NlNNdHRRbDJIcC9FaVF6OVBGRjAyZEJTcnVYaElhcmFQYk0rTklHZG15TjJaeXdHR1hJMWFVN0pEM1hHMjlTaDJBQWRPa3Y4ZEk2Z0VnenQvREhTSUliYWtiYUxkRUljN1dCOTVHVUhjSG5OajU4VHpUU3lWZkJtdGIzdkJLOUpHMElvNk5BUFdRWXgyVlA4K2ZJeWxqYTJkMTI4aGdoMGRzRHJYRkFNKzlBWDhoYWU1dnZ4Vmk4VFdzL3oyaW5nK2sraW1tdFNOZnp6S01pTzdyNXdKQWt5and0VUJsQlN0S0lBNlplcjIycG1TVFpaZXVjSGRFVGhhYmNXUWlkVlptTVAzSWY2aXg1VWV5WDhWNk9BdzBnc0kzSVViOTFRNzZkNHNMV2J6b0dOT05BWUZDMUl5ejB4V2o0N1pkNlA3WjJHZmgxVmlJYk14VmlGRGxObWJFWmZscEVTODdLL3loQlVRL3RuQ05HUW9TZHRzdXl1V2czTmZXYnlKb05aemxVOTZKV3hjcVNhWGt6c2U5ajh3YWhheUtOTTZTV0tTWTFaMDVoOEpTY09DbUZCNUY4VjNiZDVuUC91S2phN0g4TzRHT0FBUE0zT3RHK2VxMzd4Vy94TjBvQXNqYnZ0NG9qblViSnMya2lBeEVkd1h4MEs3bWNQZVM3eldtVnQ4aDRSZGNEbS9QR1REYTltOE9xaFF1Y2s4MFFudXhJVVdWcjdHV2FkaDFMeS90bDArYnZta2NuTzJ5YlJKK2dicVJFSERUZTBzeHN3PT0iLCJNSUlGY3pDQ0ExdWdBd0lCQWdJVUN2ZlN2UWVyakZEbU0yTHZtam9URE9JbkxBd3dEUVlKS29aSWh2Y05BUUVMQlFBd1FURWRNQnNHQTFVRUF3d1VaVWxFUVZObFUwVkJURTlKUkY5U2IyOTBSekl4RXpBUkJnTlZCQW9UQ21sVFNFRlNSVlJsYzNReEN6QUpCZ05WQkFZVEFsaFlNQjRYRFRJek1EZ3lOVEE1TURBd05sb1hEVFE0TURneU5UQTVNREF3TlZvd1FURWRNQnNHQTFVRUF3d1VaVWxFUVZObFUwVkJURTlKUkY5U2IyOTBSekl4RXpBUkJnTlZCQW9UQ21sVFNFRlNSVlJsYzNReEN6QUpCZ05WQkFZVEFsaFlNSUlDSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQWc4QU1JSUNDZ0tDQWdFQXhWTUtJOVJNaG5PU0EyTG9yZ0VDM1lETmQyaXRuNzJMT2RmUlJVdTQ1Zkc3MEllditFNGtScnpKMWsyM1dYSDVzSFRiY3NscEVUZUFabmowL3hLQllkRUx1d2U2SFg4a0l3ZDFzNldHbFpjMGw3a2kxZm1qNEhxU3N0R0ovQktHajFhNzIzNld3UEpFV0VIcWZ4OVFNRWV1SktsVVNWRkZ5RTRqTXNmWXA4N2lmSXB1d0U4b0xPdzR5a0RET1A1MlRkMDZ2SENJWXJxREJydnhGZEF1RW5GeE54bFBYUkU0Z0xzeWdnNjJIT3hPdUdtaFdmc3k2VGNjSXA1WElPZGoyQ3plb1hKODJtNS9pbUJQSnZrZWZucmpFUVh6aVNFMm1pMklCRHRHUC9Bd0ZXSTdXcHNFeURYV0ltTVNSMFQzQ3VEbWtlUTE0cE5tY3FNcC9icVgzaTFhZXRhZEZUV3N1aGwwbkgyaVJxS1pESnhabFNjdTk5dG9xNUdyZGNGVWN4R1JReWwrc0ZoVWgzWGNCV0pWN1kyd25GTDJ0WTd0aHRROFpQbXpUTzhrUEtDYkVsNVU2Z0NTSWtwUlBOWkJQRzRkVDBxdSs4QmQ3MVB1N25BeTFpQjRVNnlzMzRjRmxPbEpwR00wRkdyMzVMZWZiUFI4Ymd6Nk05WE5qUmJnTURRY1hETW5maURKN0U4MW9WQnBDWE45eWRIaTFibGhha3VFQmFvYTlNL2themlwR1BtQXV4cldCTW1wMnEwd3pRcDlHUzJlOGtlSklEd0p1eXpFTGFSWkM0eWpWc1ZaUU1LLy9EKzRKM2JvVTVkckNtbW02QzFyd05SZlNadUZHTmNJWURaZUh0ZUdvQ0Y0RUE1amNnZEZhSVlyRGVqNlZBYWI0MnZONUxVQ0F3RUFBYU5qTUdFd0R3WURWUjBUQVFIL0JBVXdBd0VCL3pBZkJnTlZIU01FR0RBV2dCVFl1NXMxTFZzLzcrRnJ5OHdNejZJdXVtbDZqREFkQmdOVkhRNEVGZ1FVMkx1Yk5TMWJQKy9oYTh2TURNK2lMcnBwZW93d0RnWURWUjBQQVFIL0JBUURBZ0VHTUEwR0NTcUdTSWIzRFFFQkN3VUFBNElDQVFCYmNIeVYyYjVtR3dIV3hDU2JEd3I1VjdQZ1NaSUphMXNjckNuSUhEM1oveXhHN1hwNWNJbEJqNE15NGxSSGpadEpWdlVmVGpGcHNFREV2L1BBcTc0T0lvbE4va1BkTWZUY3pGQkdwdnNacjB4MnlVUEVKelFzVFNMeDBnd1ord3ZvS0hXRTBDN0dxZ2tBQk5yRlc4RkxxUnpOcVhzbU01b0k0YzNWNXN5eHdCWUZEVVk1TVBXZHFKRURmUnZqakpQQ1htS09QMWxPK2krRTA3dnNGcER6SFMyRktCNWM2c1RJWmt2dCtIL0NHNGhWdTZadmNGWFh6djJKSy9Fb1ZaNndVZENsdDRwTGdUUVovVzBxUUNKM0dqRmUvUFo3NG1ja1cxeC96azl6MFZRalVwVHF6M0FqUExJamo2MG5NTFRMcDUwb0ZjTUxqdVhzczB2djR0VWpDVHBzMlFnOW4wR3dMbERSNDJOeXcyVEtjTU1CNnljRW9OaVVFdTBsZ2ExSk0wU1ZTc0ZQN0dTVS9XOVZxYXRLN3hwL1hXOS9HRHZncDNaL3BQTTBFM2kxdHFwL25PVTQzWW9mOFdpNEpKNnpPZ1hCenFReE82TUlMWko0cUVmZW5BdEk3bzk1VHk1eWs5dlJib1VzdHl3c2ZDNkNWc3UwOE5ML3R0dzRPU1hPdmJrUSs3ek14Q1lUOVl5UUQ1bC9sdEMzYmdkai9sQlp6bnNCdUdZTk9CMTZ3RE5jR3B1dWFla3NmUWZCRFBIVCt2UjZnUFZGWnB5Vnd5L3R6SDZOVHBVR0Rqb0hWc0N4VWpZODcwT000RDJKY2o5T0lxcWRsa0NvV082aTRWZWM3c1R6eGlYMzlvTlNyMUc3Q29iYzNzWWRobnhnL3ZsZzFCZUNKODdwMEE9PSJdfQ.eyJpc3MiOiJkaWQ6aXNoYXJlOkVVLk5MLk5UUk5MLTEwMDAwMDAxIiwic3ViIjoiZGlkOmlzaGFyZTpFVS5OTC5OVFJOTC0xMDAwMDAwMSIsImF1ZCI6ImRpZDppc2hhcmU6RVUuTkwuTlRSTkwtMTAwMDAwMDYiLCJqdGkiOiJkeGhKQW1CSEJSeElza2dvVnZCTUpVN1M2MFZxMUVFSCIsImlhdCI6MTU4ODU5NzU1NiwiZXhwIjoxNTg4NTk3NTg2fQ.PHht8pqK-c4lFg5xT2qI8vRAyVBlMUkmfdigQj3czxQEntrmaYcMfHpNghtMTYx_-fVNMRS6CjPxb7IvAYAXNHpuzT30ye42dm4wqNz3gJoDdhY4OB96is70E-WftTp-TQLYoKZG95ezRVp_iwB70MTkl31RnsNS10bP4yKDtvYtzltoFvjORDxAw1kWJnMv8mZlD3iRUo98UCqTHwsXVOSJUHt8pb9-2tsQQUl7oAqKuYzcwqSt6BZYujIOrm8iQ6p7RORqeF7esoGL8-HwvJdWf2Qxgjvc-LQ4FPtiJWJ-d2jnZN8smpZC5EY5VCPLqX6_dH4l05Zl5HPlm4UsFg redirect_uri=https://example.client.com/openid_connect1.0/return& code=Dmn-TbSj7OcKl5ym1j5xZsgkabzVP8dMugC81nzmeW4 ``` (URL encoding removed, and line breaks added for readability) ### Response #### Headers * `Content-Type` **String**. Defines response body content type. MUST be equal to *application/json*. * `Cache-Control` **String**. Holds instructions for caching. MUST be equal to *no-store*. * `Pragma` **String**. It is used for backwards compatibility with HTTP/1.0 caches, where the `Cache-Control` The HTTP/1.1 header is not yet present. MUST be equal to *no-cache*. #### HTTP status codes * **200 OK** When a valid request is sent, an OK result should be returned. * **400 Bad Request** When an invalid request is sent, a Bad Request result should be returned. #### Parameters * `id_token` **String (JWT)** ID Token value associated with the authenticated session. To understand its structure, please refer to the [section below](#id-token-parameter-jwt). * `access_token` **String**. The access token will be used to access endpoints that require authorisation. * `token_type` **String**. Since we follow the OpenID Connect 1.0 specification, which is on top of the OAuth 2.0 specification, the value should be equal to *Bearer*. * `expires_in` **Integer**. Access token expiration time in seconds. Should be *3600*. #### ID Token Parameter JWT In response to the */token* endpoint request, an `id_token` is provided to the client (as an addition to the regular OAuth access token response). This `id_token` is an iSHARE-compliant JWT; however, the `sub` parameter is changed, and additional parameters are added. The `id_token` contains the modified `sub` parameter and the following additional parameters: * `sub` **String**. OpenID Connect 1.0 locally unique and never reassigned identifier within the Identity Provider for the Human Service Consumer, which is intended to be consumed by the client. Also known as the iSHARE human pseudonym. To understand more about this value, please refer to the [human pseudonym section](#human-pseudonym). * `auth_time` **String**. OpenID Connect 1.0 time when the Human Service Consumer authentication occurred. Formatted in Unix timestamp format. * `nonce` **String**. OpenID Connect 1.0 value used to associate a client session with an ID Token. Contains value as passed in to the /openid\_connect1.0/authorise endpoint. The client application needs to verify if the sent value is equal to the value which comes back from the IdP /token endpoint response. * `acr` **String**. OpenID Connect 1.0 authentication context class reference value. MUST either contain *urn:*, *urn:* or *urn:*, depending on the quality of the authentication method. To understand the requirements for each level of assurance, please look at the [LOA table](#levels-of-assurance). * `azp` **String**. *Optional*. OpenID Connect 1.0 authorised party. MUST be identical to the client\_id that requested the ID Token. Also identical to aud. **Example** ```json { "iss": "did:ishare:EU.NL.NTRLNL-87654321", "sub": "419404e1-07ce-4d80-9e8a-eca94vde0003de", "aud": "did:ishare:EU.NL.NTRLNL-12345678", "jti": "378a47c4-2822-4ca5-a49a-7e5a1cc7ea59", "iat": 1504683445, "exp": 1504683475, "auth_time": 1504683435, "nonce": "c428224ca5a", "acr": "urn:http://eidas.europa.eu/LoA/NotNotified/low", "azp": "did:ishare:EU.NL.NTRLNL-12345678", } ``` #### **Levels of Assurance** |

Level of

Assurance

| **Identity assurance** | | ----------------------------------------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------- | | Low |
  • Present ID from authoritative source
| | Substantial |
  • Present ID from authoritative source
  • ID verification performed by registration authority
| | High |
  • In-person ID proofing at registration authority
  • ID verification using official government sources and documents
| ### **Human Pseudonym** An essential part of the Human2Machine flow is the pseudonym used to refer to humans without exposing their identity. Pseudonyms are used to obscure the real identities of the human users for privacy issues. A human user may be representing more than one organization, which the service provider may not need to know about. If such user uses a single identity then he could be unwillingly giving away this possibly sensitive information. Using pseudonyms, the user’s identities are not easily linked to each other. On the other hand, some use cases may require the user’s identities to be linkable to service the user better. In this case the use of pseudonym makes sense as a user could always link them together on his own will. The following is a list of criteria for generating pseudonyms: * The generation of a pseudonym MUST be non predictable; * The exact method of generating the pseudonym is left out to Identity Providers; * The Identity Provider MUST be able to identify the human user from the pseudonym; * The pseudonym MUST depend on the human user; * The pseudonym MUST depend on the Identity Provider; * The pseudonym MUST depend on the Service Provider. {% hint style="info" %} One of the approaches to solve this issue could be a storage with user’s identifier, service provider’s identifier and UUID/GUID assigned for the combination which in this case would be called *human pseudonym*. {% endhint %} #### 200 OK Example ```json < Content-Type: application/json < Cache-Control: no-store < Pragma: no-cache { "id_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCIsIng1YyI6WyJNSUlHaWpDQ0JIS2dBd0lCQWdJVUFRY2VVOGN2OVNBWWRJUUJXMks1YXdPRGRzY3dEUVlKS29aSWh2Y05BUUVMQlFBd1hURWVNQndHQTFVRUF3d1ZaVWxFUVZObFUwVkJURTlKUkY5SmMzTkRRVWMwTVJrd0Z3WURWUVJoRXhCT1ZGSk9UQzFwVTBoQlVrVlVSVk5VTVJNd0VRWURWUVFLRXdwcFUwaEJVa1ZVWlhOME1Rc3dDUVlEVlFRR0V3SllXREFlRncweU5ERXhNRFl4TkRRek1qVmFGdzB5TnpFeE1EWXhORFF6TWpSYU1HZ3hDekFKQmdOVkJBWVRBazVNTVI4d0hRWURWUVFLREJaVVpYTjBJRWxrWlc1MGFYUjVJRkJ5YjNacFpHVnlNUjh3SFFZRFZRUUREQlpVWlhOMElFbGtaVzUwYVhSNUlGQnliM1pwWkdWeU1SY3dGUVlEVlFSaERBNU9WRkpPVEMweE1EQXdNREF3TmpDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTXBCc3A1eUV4Y3NabUI5cGRCR1FKeWJEMWVzZFBnY3ZURk96V1RGNTM2aTcrQ1puTjFVNVdGTFlROFV3MHJjMkxRU0JMZ016ZWtQd3lGcVFWdjY2V01WNFhmYzFSK1IzbW40OFJCbGMweEQxU1VYWnBKZGRqbFd1NUhQWmVwYTZ0RnJwMGFOSzlHRy9ML0VNejBROExOSzdPUEszdGlXSXlaSkR5WHJSaFZJaWVPVkRmbnMrb3RZeE9ZLzJJek43REJsT1BaSHpnUEh5OGJiVlJnQ0E1TVozNW1oV2F4ejhNOEx5OE1OakFnaE85S3FjcjlLcjRKWjVOK1IveVE1OFFqWEZaaytRV0JNbEZELzBveGE2cnZ2dytvT0ViMHFMSW9UKzhvVGVWZmNpNWhpYm5aeUh0N1RRV29NbmlmNDkyQnlGZmhMc2hSYmZXZFVGVEE3KzRjQ0F3RUFBYU9DQWpVd2dnSXhNQTRHQTFVZER3RUIvd1FFQXdJR1FEQU1CZ05WSFJNQkFmOEVBakFBTUI4R0ExVWRJd1FZTUJhQUZMTWFUMEpBNmRoNG5Xdi8vQ1N3RUxFMFBQQ0pNRmNHQ0NzR0FRVUZCd0VCQkVzd1NUQkhCZ2dyQmdFRkJRY3dBWVk3YUhSMGNITTZMeTlqWVRjdWFYTm9ZWEpsZEdWemRDNXVaWFE2T0RRME1pOWxhbUpqWVM5d2RXSnNhV04zWldJdmMzUmhkSFZ6TDI5amMzQXdFQVlEVlIwZ0JBa3dCekFGQmdOVkhTQXdId1lEVlIwbEJCZ3dGZ1lJS3dZQkJRVUhBd1FHQ2lzR0FRUUJnamNLQXd3d1d3WUlLd1lCQlFVSEFRTUVUekJOTUJNR0JnUUFqa1lCQmpBSkJnY0VBSTVHQVFZQ01EWUdDQ3NHQVFVRkJ3RUREQ3BVYUdseklHbHpJSFJsYzNRZ1pYTmxZV3dnWTJWeWRHbG1hV05oZEdVZ1ptOXlJSFJsYzNScGJtY3dIZ1lGWjRFTUF3RUVGVEFURXdOT1ZGSVRBazVNREFneE1EQXdNREF3TmpDQnh3WURWUjBmQklHL01JRzhNSUc1b0lHMm9JR3pob0d3YUhSMGNITTZMeTlqWVRjdWFYTm9ZWEpsZEdWemRDNXVaWFE2T0RRME1pOWxhbUpqWVM5d2RXSnNhV04zWldJdmQyVmlaR2x6ZEM5alpYSjBaR2x6ZEQ5amJXUTlZM0pzSm1semMzVmxjajFEVGlVelJHVkpSRUZUWlZORlFVeFBTVVJmU1hOelEwRkhOQ1V5UTI5eVoyRnVhWHBoZEdsdmJrbGtaVzUwYVdacFpYSWxNMFJPVkZKT1RDMXBVMGhCVWtWVVJWTlVKVEpEVHlVelJHbFRTRUZTUlZSbGMzUWxNa05ESlRORVdGZ3dIUVlEVlIwT0JCWUVGQkFyazlNZHhQVFh4NEYrZ3orTzZZdGNDVmhiTUEwR0NTcUdTSWIzRFFFQkN3VUFBNElDQVFDL1FPWmY5UGN0dG82cXgwMEQ1WTBFVDVGRU9mUzc3RzYvVTQ5bmJnTm9vVnlHMlY2N0lHOHNJNHozbXU0ZC9NbWdKbjJBWG81eWhONERhaStkakZmbHpXYVpmRjFneXo3V28zZmlrOHl6UjBxaUZCZWNxK2tIN09FMkFmS0lQWnNhTGFBenI4UWNZQmFKSUJ0SWx6N284dlpiL2VidnF5ZlRsb1pab2h1TEpMcjVUTUUwKzRKQWlueGgzaU44cHpxb3piVFdQMXNKdnMzdWxKUVA2eTFsNi9zbXJucnJEV2RHMjhBTVFRMEtaTjN3cHRVYUhpTnR5REd1Y1JmTVpPY0JzVGMrYXIrWmlGd09ZaE9BNGpYbzdsYVZaS0ZoZHE0eEZCdjczZkJTcTE0N2Z1VEMwSUZIVlprOVE4bzFUWjV5T1Fmc2lhcEVGKzlNU3ZoWWZWU0FzeUplZjgySnpNc2tDZ2R5eHMvWjdqa3ZPcWVkNGRWQUxlbDRDc3hUajducjB4bktZVXphOWdQWDlJOHpYOGtxYzdJRWRlNkcrNy9xb09YaVVwWHBiMzZRQ081ei8rK1FJS1pVNWF1dTNDUTZndE5kUGpwckN5SHNKNmg2MW9oRUwrc0JFOC8xMmhnTXViVFNMWjMvVDlIT0xvYTZLZjJ6dmZwQ0d5eHFpdXFPY3c4NVV3TGhiOEdodUNmWXJJQzlLR2pIZmliQXJEQXZYeERvLzg5RU5VKzI4K213NEJvNHRmcjdGQktDY0ZCVkhNeHRBdUtSMlJoY0dRZlJPNTluQ2lVM1FuQ1JIQldGeVp4bXNpQXExazJiSnRIRHpLNDFDSm1wSVBEdUUvVEVvazN6SUtya1E0UUlaNXoyaEhlcHptWGhHRkc0QVdpei9iSUdlOGY5bmc9PSIsIk1JSUYyakNDQThLZ0F3SUJBZ0lVUEczK1RBbnhWT0JjZTlOYVB0OXBUQWdtNVI0d0RRWUpLb1pJaHZjTkFRRUxCUUF3UWpFZU1Cd0dBMVVFQXd3VlpVbEVRVk5sVTBWQlRFOUpSRjlUZFdKRFFVY3pNUk13RVFZRFZRUUtFd3BwVTBoQlVrVlVaWE4wTVFzd0NRWURWUVFHRXdKWVdEQWVGdzB5TXpBNE1qVXdPVEF4TXpKYUZ3MDBPREE0TWpVd09UQXdNRFZhTUYweEhqQWNCZ05WQkFNTUZXVkpSRUZUWlZORlFVeFBTVVJmU1hOelEwRkhOREVaTUJjR0ExVUVZUk1RVGxSU1Rrd3RhVk5JUVZKRlZFVlRWREVUTUJFR0ExVUVDaE1LYVZOSVFWSkZWR1Z6ZERFTE1Ba0dBMVVFQmhNQ1dGZ3dnZ0lpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElDRHdBd2dnSUtBb0lDQVFEYW5VZ00xL1BReVhOVFgrVU9MR3JaalM4SGFUV1IvUDR4RDhTTUNSeE9YSEt6SExRcUVRT3VIRC93K3J4OS9iRXd6SDR3VmZKMG02L3I1NktPZzB3TFVsVndPeWlrT1hHb0lURDJ1K1VpOXQyNHRZSWt4OHpqTEc3VkhWY3c0ZFhPdDkyc3ZLWTFMeWJ2bHByb1d6VEhsUndvSU8xWVE0aE8rcnlic3cvS0VERVhVYmtvd2psSEFQY3duc09XNjQzNjdFTitlelQxc1M4ZHpGSXhtRzhxQzJMck0yc1hKV3FxNXZKZUUvODZUZloyTk1PK0NVeGtqajd1UGdiVzJWL01PVWhZeUF0R0FqemQvS3dPckxNUk1ZYVhPSWo2MW04UjcxbmgvTFY5bjhkbmowd1RRT05USGh1TTdtZFpReGhxT2RrTDJja1NyQldpM2F0RVZUMU9oQlJYNEZtbWhJaG1TV3VDdGd5S2lEQ0lvdHlHQXNYMm82ODE3ZmVlNFJkdHdmdzlRNG9OM05BaHRvZDYwaU9BV0FwVnQrQlQ1dHZkZ0dPWVdQY2JNUjVwR3picDM4ZEdVeXV3WVpWNExBbklHU201eWF1Y05FMkUyeHJRQ2JFZVptNFJQc3g1SmxlV3ppcGsrNDJkN3ZxdldEODhJUWNRK2JaTTJYNHJKQlpOczE2NkNseCttNkhtS3hLQUxlYlV0anN6c2d5SDhjcTEwZCtrNEFvOG9DYU9ZanYySWFFYk1kK2ZWL1VmOGtQa3pUdEtsdHRkcWlpeG9JcXljWE1FZ0JhU2drdWI3WG9RNksyNnRSUEowdzVRa3V1aDNNS3RHRVdmVzdFRUdtcG5DcWpPdjYvckFNSmlNV3loMUlnTGdOQlVQUDd6YVZQcERBdEM4OE9TSlFJREFRQUJvNEdzTUlHcE1CSUdBMVVkRXdFQi93UUlNQVlCQWY4Q0FRRXdId1lEVlIwakJCZ3dGb0FVNHViWDBwNkRWak45REt0T1dXTVlBcytIeGRRd0dBWURWUjBnQkJFd0R6QUZCZ05WSFNBd0JnWUVWUjBnQURBcEJnTlZIU1VFSWpBZ0JnZ3JCZ0VGQlFjREFnWUlLd1lCQlFVSEF3UUdDaXNHQVFRQmdqY0tBd3d3SFFZRFZSME9CQllFRkxNYVQwSkE2ZGg0bld2Ly9DU3dFTEUwUFBDSk1BNEdBMVVkRHdFQi93UUVBd0lCQmpBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQWdFQVp2NUd1a3gwUEV2VlJFSXQ4TVRhUGZDSDRhd3lpaVl5aTE3aDZSNUxMazFyZXJ3UXNTU1NIZlZxZnRkd1JGMG9jTHAyUFhKaGUwNzVxVjQwNkMwNENqYW1OazNlejlaaU5IQ05qUHRmaWQ2b094cXoxWGs4WFBqTllFbGJBRm1QN2VLbC80NDF2WmhHdWsvUmhYR054UWJ0bzBRMTZnOElSY0dEdldnTmh0cnRCMUcyeFNtdEIxUzJ1VXBTYWlaVk5PcmtkelRoaUVKc2VVUkJvWHhVWElxcEx5UFRSbDZNTWdWYUxHUllSYzN2WWlqNEI3TTJoQk43L2NqbkdMc01WdGdiT3Y2Q1YyMWcyU1hvd2JnT3F6QnlINTFVVFI2T2JIaUdqMGtTQ0FMRzE0SVFQa3pRUGlTcGp1Kys5TTJqQWpQTTNvNDIxWk9VRE1QMjQ2Q3NxUFhyVEFiUFhKVlVSL2dpNHU1M2ttekMyMTBqdlZxOWhId2VseFFPVFBGaGxNNkUxQ2g0SmI0UFFSTEtEUEZsKzVOVzRGeTJKQURqeXVweVZIbmNkTEV1UHkwUGdDTDJZbzE0N0hTcFBqNHU3amMxUm1IVTdOTzEyRVYyWkNNZkZsUndkR3Y2aWY4cU83cy82bHBaSmpwUHRMRU9iQTV0RDRhaGMrYVBOQWk5V0NrMHBlUm0xS0U1VkdEV0tGTlNOQWlMSk56UDdtMlE2eThmT3kzOGNOZ0ZCaEdPRi9LZ0VJc1QxMFYrNUs1byt5bFZWdFBWZVJSRU5FdktPOUVMa3plMElIZ3NUQi82Y3dPaWo0cHhNOUp2YXVqMDZHZ2xoSWhpSUE2cTBpRFVxQjFNVVIwSHppWTlCc25XWTlrUjhod1YzT1crbnNtenRRd0dWRXcya2pVPSIsIk1JSUZqakNDQTNhZ0F3SUJBZ0lVRmo5LzNqR09SaHRJcFo5OE9MUnRSSHMwQVlzd0RRWUpLb1pJaHZjTkFRRUxCUUF3UVRFZE1Cc0dBMVVFQXd3VVpVbEVRVk5sVTBWQlRFOUpSRjlTYjI5MFJ6SXhFekFSQmdOVkJBb1RDbWxUU0VGU1JWUmxjM1F4Q3pBSkJnTlZCQVlUQWxoWU1CNFhEVEl6TURneU5UQTVNREEwTkZvWERUUTRNRGd5TlRBNU1EQXdOVm93UWpFZU1Cd0dBMVVFQXd3VlpVbEVRVk5sVTBWQlRFOUpSRjlUZFdKRFFVY3pNUk13RVFZRFZRUUtFd3BwVTBoQlVrVlVaWE4wTVFzd0NRWURWUVFHRXdKWVdEQ0NBaUl3RFFZSktvWklodmNOQVFFQkJRQURnZ0lQQURDQ0Fnb0NnZ0lCQUw3bnpreW9GWFdnMWdoZEc2Zm51enV2QWRNV3NtL0krbVgzRGJ6M0kvS3lxTGRXdDdYRzNPV1ZTbmhvc0FEMlcyU1hubEdYcXh5ZTBoUHRFZ2tRSWRlbDdGbkZvc1dXcnNFT3JhdGdYbG5NNE5XcFlES01XRVZZcm83aHpIZ0NaMTI2WlBRVUxsczUyTmN2cFJNOFMzZFprK1hLMWtmM1ZlUzBKMmhVU0ZFQVpITHlYQ1hraFRuVUk3cW8xdXIxVG1EV1lzTlF3eERHT3U3Q1F5WllkS0l3S3FJOWVHc1JMZ002UFFsZzN2WkNyb3BPb2RNN2xvVHVpckNsM1VLdzRIckdrMmNPaUFmNElkLy9lYVZDYWZ3a2pLc0pUUXVBYWh1Uno0cU1zSFlBM2tEUXorMCtoZ25SNzRyK2lMcis4bHIwNDRnbG5hV0lXdnJFR2NpUlIrUGVjdGZyTE9RUUlXN2hhMTNkeldvemtUMGFnblQxTGsvQ0dyZ05YVnFob3NHQzBydUFRUEk2RGNQTnkySU5NOUpndENtQnNTak1NMTg1RklCWDRDeTE3bTczaDlyS2pYWk14YjZUeFg3Q0laeWVzZ0FTMGJCUmI2eElwS3NacmxyakVhenNqQzJWSFJSV09NSldZcWNYTEQ1Wk56R01aVXI2VHQyeUNVQXRhbWVjREFUS042L0dic3hlMHRBQk4wcGswcng1aWMrNFRYZEJyb045T0FaY2hINHRKQ3NPQ0tvbkN6QXBQeFZUaEROTXhzb295RnE5RG1nWGh5RVVPT29lUytGcjRGZ0gralNBTm0vbDE3OEpoOWVwZlhROWdFLzZhcVB4WWpOU0JnUzYwUzFFVnFDcHh3MnJUMW1VWWVHZndpYlZtNTNpeEdwdFI4a3RlNzBuQWdNQkFBR2pmVEI3TUE4R0ExVWRFd0VCL3dRRk1BTUJBZjh3SHdZRFZSMGpCQmd3Rm9BVTJMdWJOUzFiUCsvaGE4dk1ETStpTHJwcGVvd3dHQVlEVlIwZ0JCRXdEekFGQmdOVkhTQXdCZ1lFVlIwZ0FEQWRCZ05WSFE0RUZnUVU0dWJYMHA2RFZqTjlES3RPV1dNWUFzK0h4ZFF3RGdZRFZSMFBBUUgvQkFRREFnRUdNQTBHQ1NxR1NJYjNEUUVCQ3dVQUE0SUNBUUI4anFZVXc3VHYrVzRaSDA2UHJhRjZ6ZmRDeFQwM0RoUkNodzRaL1FtMFhWUzJnUnlSd2NNcHRRRkVSaFBOT0EyMjF1OUxxb3paMWFLM0IzNXdrY0dEL2RGSmdKQ0pCOTZTTXR0UWwySHAvRWlRejlQRkYwMmRCU3J1WGhJYXJhUGJNK05JR2RteU4yWnl3R0dYSTFhVTdKRDNYRzI5U2gyQUFkT2t2OGRJNmdFZ3p0L0RIU0lJYmFrYmFMZEVJYzdXQjk1R1VIY0huTmo1OFR6VFN5VmZCbXRiM3ZCSzlKRzBJbzZOQVBXUVl4MlZQOCtmSXlsamEyZDEyOGhnaDBkc0RyWEZBTSs5QVg4aGFlNXZ2eFZpOFRXcy96MmluZytrK2ltbXRTTmZ6ektNaU83cjV3SkFreWp3dFVCbEJTdEtJQTZaZXIyMnBtU1RaWmV1Y0hkRVRoYWJjV1FpZFZabU1QM0lmNml4NVVleVg4VjZPQXcwZ3NJM0lVYjkxUTc2ZDRzTFdiem9HTk9OQVlGQzFJeXoweFdqNDdaZDZQN1oyR2ZoMVZpSWJNeFZpRkRsTm1iRVpmbHBFUzg3Sy95aEJVUS90bkNOR1FvU2R0c3V5dVdnM05mV2J5Sm9OWnpsVTk2Sld4Y3FTYVhrenNlOWo4d2FoYXlLTk02U1dLU1kxWjA1aDhKU2NPQ21GQjVGOFYzYmQ1blAvdUtqYTdIOE80R09BQVBNM090RytlcTM3eFcveE4wb0FzamJ2dDRvam5VYkpzMmtpQXhFZHdYeDBLN21jUGVTN3pXbVZ0OGg0UmRjRG0vUEdURGE5bThPcWhRdWNrODBRbnV4SVVXVnI3R1dhZGgxTHkvdGwwK2J2bWtjbk8yeWJSSitnYnFSRUhEVGUwc3hzdz09IiwiTUlJRmN6Q0NBMXVnQXdJQkFnSVVDdmZTdlFlcmpGRG1NMkx2bWpvVERPSW5MQXd3RFFZSktvWklodmNOQVFFTEJRQXdRVEVkTUJzR0ExVUVBd3dVWlVsRVFWTmxVMFZCVEU5SlJGOVNiMjkwUnpJeEV6QVJCZ05WQkFvVENtbFRTRUZTUlZSbGMzUXhDekFKQmdOVkJBWVRBbGhZTUI0WERUSXpNRGd5TlRBNU1EQXdObG9YRFRRNE1EZ3lOVEE1TURBd05Wb3dRVEVkTUJzR0ExVUVBd3dVWlVsRVFWTmxVMFZCVEU5SlJGOVNiMjkwUnpJeEV6QVJCZ05WQkFvVENtbFRTRUZTUlZSbGMzUXhDekFKQmdOVkJBWVRBbGhZTUlJQ0lqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FnOEFNSUlDQ2dLQ0FnRUF4Vk1LSTlSTWhuT1NBMkxvcmdFQzNZRE5kMml0bjcyTE9kZlJSVXU0NWZHNzBJZXYrRTRrUnJ6SjFrMjNXWEg1c0hUYmNzbHBFVGVBWm5qMC94S0JZZEVMdXdlNkhYOGtJd2QxczZXR2xaYzBsN2tpMWZtajRIcVNzdEdKL0JLR2oxYTcyMzZXd1BKRVdFSHFmeDlRTUVldUpLbFVTVkZGeUU0ak1zZllwODdpZklwdXdFOG9MT3c0eWtERE9QNTJUZDA2dkhDSVlycURCcnZ4RmRBdUVuRnhOeGxQWFJFNGdMc3lnZzYySE94T3VHbWhXZnN5NlRjY0lwNVhJT2RqMkN6ZW9YSjgybTUvaW1CUEp2a2VmbnJqRVFYemlTRTJtaTJJQkR0R1AvQXdGV0k3V3BzRXlEWFdJbU1TUjBUM0N1RG1rZVExNHBObWNxTXAvYnFYM2kxYWV0YWRGVFdzdWhsMG5IMmlScUtaREp4WmxTY3U5OXRvcTVHcmRjRlVjeEdSUXlsK3NGaFVoM1hjQldKVjdZMnduRkwydFk3dGh0UThaUG16VE84a1BLQ2JFbDVVNmdDU0lrcFJQTlpCUEc0ZFQwcXUrOEJkNzFQdTduQXkxaUI0VTZ5czM0Y0ZsT2xKcEdNMEZHcjM1TGVmYlBSOGJnejZNOVhOalJiZ01EUWNYRE1uZmlESjdFODFvVkJwQ1hOOXlkSGkxYmxoYWt1RUJhb2E5TS9rYXppcEdQbUF1eHJXQk1tcDJxMHd6UXA5R1MyZThrZUpJRHdKdXl6RUxhUlpDNHlqVnNWWlFNSy8vRCs0SjNib1U1ZHJDbW1tNkMxcndOUmZTWnVGR05jSVlEWmVIdGVHb0NGNEVBNWpjZ2RGYUlZckRlajZWQWFiNDJ2TjVMVUNBd0VBQWFOak1HRXdEd1lEVlIwVEFRSC9CQVV3QXdFQi96QWZCZ05WSFNNRUdEQVdnQlRZdTVzMUxWcy83K0ZyeTh3TXo2SXV1bWw2akRBZEJnTlZIUTRFRmdRVTJMdWJOUzFiUCsvaGE4dk1ETStpTHJwcGVvd3dEZ1lEVlIwUEFRSC9CQVFEQWdFR01BMEdDU3FHU0liM0RRRUJDd1VBQTRJQ0FRQmJjSHlWMmI1bUd3SFd4Q1NiRHdyNVY3UGdTWklKYTFzY3JDbklIRDNaL3l4RzdYcDVjSWxCajRNeTRsUkhqWnRKVnZVZlRqRnBzRURFdi9QQXE3NE9Jb2xOL2tQZE1mVGN6RkJHcHZzWnIweDJ5VVBFSnpRc1RTTHgwZ3daK3d2b0tIV0UwQzdHcWdrQUJOckZXOEZMcVJ6TnFYc21NNW9JNGMzVjVzeXh3QllGRFVZNU1QV2RxSkVEZlJ2ampKUENYbUtPUDFsTytpK0UwN3ZzRnBEekhTMkZLQjVjNnNUSVprdnQrSC9DRzRoVnU2WnZjRlhYenYySksvRW9WWjZ3VWRDbHQ0cExnVFFaL1cwcVFDSjNHakZlL1BaNzRtY2tXMXgvems5ejBWUWpVcFRxejNBalBMSWpqNjBuTUxUTHA1MG9GY01ManVYc3MwdnY0dFVqQ1RwczJRZzluMEd3TGxEUjQyTnl3MlRLY01NQjZ5Y0VvTmlVRXUwbGdhMUpNMFNWU3NGUDdHU1UvVzlWcWF0Szd4cC9YVzkvR0R2Z3AzWi9wUE0wRTNpMXRxcC9uT1U0M1lvZjhXaTRKSjZ6T2dYQnpxUXhPNk1JTFpKNHFFZmVuQXRJN285NVR5NXlrOXZSYm9Vc3R5d3NmQzZDVnN1MDhOTC90dHc0T1NYT3Zia1ErN3pNeENZVDlZeVFENWwvbHRDM2JnZGovbEJaem5zQnVHWU5PQjE2d0ROY0dwdXVhZWtzZlFmQkRQSFQrdlI2Z1BWRlpweVZ3eS90ekg2TlRwVUdEam9IVnNDeFVqWTg3ME9NNEQySmNqOU9JcXFkbGtDb1dPNmk0VmVjN3NUenhpWDM5b05TcjFHN0NvYmMzc1lkaG54Zy92bGcxQmVDSjg3cDBBPT0iXX0.eyJpc3MiOiJkaWQ6aXNoYXJlOkVVLk5MLk5UUk5MLTEwMDAwMDA2Iiwic3ViIjoiNDE5NDA0ZTEtMDdjZS00ZDgwLTllOGEtZWNhOTR2ZGUwMDAzZGUiLCJhdWQiOiJkaWQ6aXNoYXJlOkVVLk5MLk5UUk5MLTEwMDAwMDAxIiwianRpIjoiNzgyYmIzOWUtMjQ4YS00NzA4LWI2MmUtZWZiMDVmYzM2MDQyIiwiZXhwIjoiMTU4ODkyNjczMiIsImlhdCI6IjE1ODg5MjY3MDIiLCJhdXRoX3RpbWUiOiIxNTg4OTI2NzAyIiwibm9uY2UiOiJjNDI4MjI0Y2E1YSIsImFjciI6InVybjpodHRwOi8vZWlkYXMuZXVyb3BhLmV1L0xvQS9Ob3ROb3RpZmllZC9sb3ciLCJhenAiOiJkaWQ6aXNoYXJlOkVVLk5MLk5UUk5MLTEwMDAwMDAxIn0.jmw_q2n2aEfdVUJPB4-FF2uOTnHSycoecOqB59Pqf6KgMKwgZQ9N7cPBEGkZqspOnJqLfj9w9xIgJSWKcwUdv4OqWgGGCFqzupMOxGtGgNAC-tTzKFLuwgjUbO5BYizgNaz-qBhjAwBIwxhUQBWQ_Gwwz1HYhWSb-xBkllsRTGa2siO2ZGrJSD-bni339kWTv8Uf5eSK4q1gLiTfuvI1kYu2KD4laV33770TRpVSOzJsZOzlLYeSJXjNwOnsu4KmarOBupdgP3ZdPcqNm7wHTn7-OkqYMswM3mwbDNeGZopoQ2cl9ZNDxtb1JKtA73EoFDfdjQ53vLFGO_EU-ecDQQ", "access_token": "aW2ys9NGE8RjHPZ4mytQivkWJO5HGQCYJ7VyMBGGDLIOw", "expires_in": 3600, "token_type": "Bearer" } ```