OAuth 2.0
Usage
https://api.wgtwo.com
expects the access token as a Bearer credential in the HTTP Authorization headers:
Authorization: Bearer {access token}
Endpoints
Base URI:
https://id.wgtwo.com
Endpoint | URI | Credentials |
---|---|---|
Token endpoint | https://id.wgtwo.com/oauth2/token | basic auth |
Grant types supported
- Client Credentials
Subject identifier
We use pairwise Subject Identifiers, which will calculate unique subject values for each Sector Identifier. That is, two clients will not be able to correlate end-user activity without the consent of the user.
Note that many of our APIs does include phone numbers, which will provide an ID of the user. The phone scope will therefore be required for most services, but does require user consent.
JSON Web Key Set
JWKS endpoint: https://id.wgtwo.com/.well-known/jwks.json
All issued JWTs are signed using the RS256 signing algorithm.
The JWT is signed using one of these keys, but the endpoint may contain multiple keys to allow key rotation.
It is recommended to use a library that fetches the keys dynamically as they may be re rotated without notice.