ReqClientCredentials

Req plugin for OAuth 2.0 client credentials flow authentication. This plugin accepts all the options of Req itself under the :client_credentials key. The access token will be cached and reused for subsequent requests, if the response to the authenticated :url returns a 401 response then this plugin will refresh the access token (only refreshes one time). If an :audience is included in :form or :json option for :client_credentials then this plugin will only run if the host and port of the authenticated :url match that of the :audience. The :url option within :client_credentials is the URL this plugin will make a POST request to for creating a bearer token.

Usage

Req.new(url: "https://api.example.com/path")
|> ReqClientCredentials.attach()
|> Req.get!(
  client_credentials: [
    form: [
      audience: "https://api.example.com",
      client_id: System.get_env("EXAMPLE_CLIENT_ID"),
      client_secret: System.get_env("EXAMPLE_CLIENT_SECRET")
    ],
    url: "https://auth.example.com/oauth/token",
  ]
)
#=> %Req.Response{}