System Tokens

An App can obtain a system-level bearer-token for any Covisint Application, provided the clientId and clientSecret are known. Such a token allows access that typically transcends the user-based authorization built-in to Covisint JWT tokens.


Getting a system-level access token.

  clientId: 'your Covisint Application's client id',
  clientSecret: 'your Covisint Application's client secret'
.then(function(token) {
  // something, now that the token has been obtained.
.fail(function(err) {
  // ...handle error.


Cui.js detects the expiration of the returned token and will automatically refresh the token prior to expiration. This feature guarantees that as long as the App is running with a system-token, the token will be valid.