Jetzt verfügbar:  monatliche Berichte und BerichtsvorlagenMehr Infos

How to use OAuth2 within Powershell for getting a longer lasting login


1 Kommentar

  • Offizieller Kommentar
    Johannes Schreier

    Hi Sascha,


    we have a little sample for scripting with PowerShell using OAuth.

    Just create a new OAuth Client like this:

    The Redirect URI is just the URI of the system.


    Now we can use this client like this:

     # Use TLS 1.2

    [System.Net.ServicePointManager]::SecurityProtocol = [System.Net.SecurityProtocolType]::Tls12;

    # Set Username and Password for first login, escape special characters since we use them in URI parameters

    $username = [uri]::EscapeDataString('')

    $password = [uri]::EscapeDataString('SecretUserPassword')

    # Create the credential object of our OAuth client

    $clientId = 'OAuthClientID'

    $clientSecret = 'OAuthClientSecret' | ConvertTo-SecureString -asPlainText -Force

    $credential = New-Object System.Management.Automation.PSCredential($clientId,$clientSecret)

    # First login with username and password

    $tokenResponse = Invoke-WebRequest -Credential $credential -Method Post -Uri "$username&password=$password"

    # This is our new access token for use in 'Authorization' header against the DRACOON api

    $accessToken = (ConvertFrom-Json $tokenResponse.Content).token_type + ' ' +(ConvertFrom-Json $tokenResponse.Content).access_token

    # Just an example: get user account

    $userAccount = Invoke-RestMethod -Method Get -Uri '' -ContentType 'application/json' -Headers @{authorization = $accessToken}

    # This is our long lasting refresh token we got in the token response

    $refreshToken = (ConvertFrom-Json $tokenResponse.Content).refresh_token

    # Now if the first access token is expired we could use the refresh token to get a new one

    $refreshTokenResponse = Invoke-WebRequest -Credential $credential -Method Post -Uri "$refreshToken" 


    The default access token validity is 8 hours and the default refresh token validity is 30 days. This can be adjusted to your needs via the api.


    Best regards,


    Aktionen für Kommentare Permalink

Bitte melden Sie sich an, um einen Kommentar zu hinterlassen.