GetSTSAuthorizationAccessToken method of GAMRepository Object

Official Content
This documentation is valid for:

Gets a Security Token Service (STS) authorization token.


&GAMSTSAuthorizationToken = GAMRepository.GetSTSAuthorizationAccessToken(in: &Client_id, in: &scope, out: &GAMErrors)


     Is GAMSTSAuthorizationToken external object data type.


     Is the ClientID of the GAM Application which requests a Token to make a call to a resource afterwards ("AppA"). It's a GUID.

     Is a string of the form <ApplicationName>.

Note: ApplicationName is the application where the resource to be called is defined ("AppB"). If there is more than one, they should be separated by the '+' sign (e.g: AppB.Prm1+AppB.Prm2...+AppB.PrmN).

     Is a collection of GAMError.


The GAMRepository object of GeneXus Access Manager Library has the GetSTSAuthorizationAccessToken method that is used to get a Security Token Service (STS) authorization token.

For more information about this scenario, read Security Token Service Client Authorization.

Consider the example where a client application (AppA) requests access to another application (AppB) - for example, to execute a service of this application.

This method internally executes the RequestTokenService service explained here.


   &GAMSTSAuthorizationToken = GAMRepository.GetSTSAuthorizationAccessToken(&client_id, &scope, &Errors)
    If &Errors.Count = 0
        &access_token = &GAMSTSAuthorizationToken.access_token
        &GAMSTSAuthorizationToken_Expires_in = &GAMSTSAuthorizationToken.expires_in.ToString()
        &GAMSTSAuthorizationToken_Scope = &GAMSTSAuthorizationToken.scope
        &GAMSTSAuthorizationToken_token_type = &GAMSTSAuthorizationToken.token_type
        msg(format(!"%1 (%2)",&Errors.Item(1).Message,&Errors.Item(1).code))


  • The Scope property of &GAMSTSAuthorizationToken returned is the same as the one passed in parameter. 
  • Expires_in is 0 unless you create a Security Policy in the STS server, with an OAuth token expire (minutes) value different than zero. This security policy should be assigned to the user defined for the AppA STS configuration in the STS server.

    Security Policy configuration:

    User configuration:


Since GeneXus 16 upgrade 4

See Also