Accessing HIN Protected Applications with Access Token
The URL for accessing with OAuth2 token differs from the usual URL used, for example, for access via HIN Client. The usual URL is prefixed with "oauth2": <application.hin.ch> → <oauth2.application.hin.ch>.
Access with Access Token via curl
curl --header 'Authorization: Bearer <ACCESS_TOKEN>' https://<oauth2.application.hin.ch>
4.1 Status Codes and Responses
| Status Codes | Responses |
|---|---|
| 200 | Request successful |
| 400 | Missing Basic Authentication Header |
| 401 | Access token is invalid or has expired: a new access token must be obtained. |
| 403 | Typically: permissions on the HIN ID for the application are missing. |
Status codes can also be set by the called application. A response with status code 403 can therefore also be generated by the backend.