Mashery Local 5.1 OAuth API Compatibility with Mashery Local 4.x

The OAuth feature in Mashery Local 5.1 has two versions of API:
  • /v2/json-rpc
  • /v3/json-rpc
V2 is backward-compatible with the Mashery Local 4.x OAuth API, whereas V3 is the recommended version of the API which is compatible with TIBCO Cloud Mashery. There is no difference in supported methods and input parameters, except for a few differences in the responses mentioned below.

Sample Calls to Mashery Local 5.1 OAuth API

For Mashery Local 4.x response with /v2/json-rpc 
curl -v  -d '{ "method":"oauth2.createAccessToken", "params":{ "service_key":"m9f5kyzfjjrssz6d5sfkbuw3", "client": { "client_id":"4c7fmwh59w3ufn7pxt92qwx9", "client_secret":"UhgX9W" }, "token_data": { "grant_type":"client_credentials", "scope":"scope" }, "uri": { "redirect_uri":"https://yahoo.com/cb" }, "user_context":"testuser" }, "id":1001,"jsonrpc":"2.0"}' 'https://x.x.99.100:8083/v2/json-rpc' -u root:changeme -k
For Mashery Local 5.1 response with /v3/json-rpc 
curl -v  -d '{ "method":"oauth2.createAccessToken", "params":{ "service_key":"m9f5kyzfjjrssz6d5sfkbuw3", "client": { "client_id":"4c7fmwh59w3ufn7pxt92qwx9", "client_secret":"UhgX9W" }, "token_data": { "grant_type":"client_credentials", "scope":"scope" }, "uri": { "redirect_uri":"https://yahoo.com/cb" }, "user_context":"testuser" }, "id":1001,"jsonrpc":"2.0"}' 'https://x.x.99.100:8083/v3/json-rpc' -u root:changeme -k

Differences between V2 and V3 Response

The V2 and V3 responses in OAuth API calls have the following differences:
  • For some fields that were not returned in the response of the call to /v3/json-rpc, for example grant_type, user_context, or scope, these fields are added to the response in the /v2/json-rpc call.
  • For the field refresh_token_expires in Mashery Local 4.x OAuth API response, it is removed from the call for both /v2/json-rpc and /v3/json-rpc calls.
  • All error format error.error.error in a call to /v3/json-rpc is converted to error.data.error in /v2/json-rpc. For example:

  • If the response in /v2/json-rpc is different from the response from a Mashery Local 4.x OAuth API call, it's probably due to a bug in Mashery Local 4.x.