Accessing the protected REST API using an access token

After obtaining an access token from the Social Security authorization server, you can now call one of our REST APIs by transmitting the access token with your call.

info

Social Security authorization server always produces access tokens of type ’bearer’. This type of token and its transmission method are documented in RFC 6750.

Specifically, to transmit their access token, clients must use the ’Authorization Request Header Field’ method as described in section 2.1 of RFC 6750. Other methods described in this RFC may not be supported by the Social Security REST APIs.

The example below shows how the access token should be transmitted.

GET /resource/1 HTTP/1.1
Host: example.com
Authorization: Bearer mF_9.B5f-4.1JqM

Navigation

Accessing the protected REST API using an access token