Sample code for 30+ languages & platforms
PHP ActiveX

Get Access Token using a Pre-Created JSON Web Token

See more ABN AMRO Examples

Demonstrates how to get an access token using a pre-created JSON Web Token (JWT).

Chilkat PHP ActiveX Downloads

PHP ActiveX
<?php

$success = 0;

// This example requires the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.

// We're going to duplicate this CURL statement:
// curl -X POST https://api-sandbox.abnamro.com/v1/oauth/token \
// -H "Content-Type: application/x-www-form-urlencoded" \
// -H "API-Key: xxxxxx" \
// -d 'client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer&grant_type=client_credentials&client_assertion=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ4eHh4eHgiLCJleHAiOiIxNDk5OTQ3NjY4IiwiaXNzIjoibWUiLCJhdWQiOiJodHRwczovL2F1dGgtc2FuZGJveC5hYm5hbXJvLmNvbS9vYXV0aC90b2tlbiJ9.jGwHKG_YjgKpR8NPpaLu6nJ97obeP2vcxg6fOWBKdJ0&scope=tikkie'

// Load our pre-creaed private key PEM file.
// Note: Please share your public key along with your app name and developer email id at api.support@nl.abnamro.com. 
// Token generation will not work unless public key is associated with your app.
$privkey = new COM("Chilkat.PrivateKey");

$success = $privkey->LoadPemFile('qa_data/pem/abnAmroPrivateKey.pem');
if ($success == 0) {
    print $privkey->LastErrorText . "\n";
    exit;
}

// Create the JWT.
$jwt = new COM("Chilkat.Jwt");

// Create the header:
// {
//     "typ": "JWT",
//     "alg": "RS256"
// }
$jsonHeader = new COM("Chilkat.JsonObject");
$jsonHeader->UpdateString('typ','JWT');
$jsonHeader->UpdateString('alg','RS256');

// Create the payload:
// {
//     "nbf": 1499947668,
//     "exp": 1499948668,
//     "iss": "me",
//     "sub": "anApiKey",
//     "aud": "https://auth-sandbox.abnamro.com/oauth/token"
// }
$jsonPayload = new COM("Chilkat.JsonObject");

$curDateTime = $jwt->GenNumericDate(0);

// Set the "not process before" timestamp to now.
$success = $jsonPayload->AddIntAt(-1,'nbf',$curDateTime);

// Set the timestamp defining an expiration time (end time) for the token
// to be now + 1 hour (3600 seconds)
$success = $jsonPayload->AddIntAt(-1,'exp',$curDateTime + 3600);

$jsonPayload->UpdateString('iss','me');
$jsonPayload->UpdateString('sub','anApiKey');
$jsonPayload->UpdateString('aud','https://auth-sandbox.abnamro.com/oauth/token');

// Produce the smallest possible JWT:
$jwt->AutoCompact = 1;

$jwtStr = $jwt->createJwtPk($jsonHeader->emit(),$jsonPayload->emit(),$privkey);
if ($jwt->LastMethodSuccess == 0) {
    print $jwt->LastErrorText . "\n";
    exit;
}

$http = new COM("Chilkat.Http");

$req = new COM("Chilkat.HttpRequest");
$req->AddParam('client_assertion_type','urn:ietf:params:oauth:client-assertion-type:jwt-bearer');
$req->AddParam('grant_type','client_credentials');
$req->AddParam('client_assertion',$jwtStr);
$req->AddParam('scope','tikkie');

$req->HttpVerb = 'POST';
$req->ContentType = 'application/x-www-form-urlencoded';

$resp = new COM("Chilkat.HttpResponse");
$success = $http->HttpReq('https://api-sandbox.abnamro.com/v1/oauth/token',$req,$resp);
if ($success == 0) {
    print $http->LastErrorText . "\n";
    exit;
}

if ($resp->StatusCode != 200) {
    print $resp->BodyStr . "\n";
    exit;
}

// Get the JSON result:
// {
//     "access_token": "{your access token}",
//     "expires_in": "{duration of validity in seconds}",
//     "scope": "{scope(s) for which the access token is valid}",
//     "token_type": "{it is always Bearer}"
// }
$json = new COM("Chilkat.JsonObject");
$json->Load($resp->BodyStr);
print 'access_token: ' . $json->stringOf('access_token') . "\n";
print 'token_type: ' . $json->stringOf('token_type') . "\n";
print 'expires_in: ' . $json->stringOf('expires_in') . "\n";
print 'scope: ' . $json->stringOf('scope') . "\n";

?>