Known Issue with YBSG Live/Test Interface  - Identity API

 
YBSG have identified a mismatch between their Identity API implementation and the OpenID OAuth 2.0 specifications. This means that TPPs must use two separate resources for generating and regenerating access tokens.
 
Scenario Steps:
1. TPP APP calls Identity API Token resource to generate an access token.
2. TPP APP calls Identity API Token resource with grant_type of refresh_token to regenerate an access token.
 
Expected Result: 
TPP is able to generate and regenerate access tokens from one resource (/token).
 
Actual Result: 
TPP must call the Identity API Refresh Token (/refreshtokens) resource to regenerate an access token.
 
Route Cause: 
YBSG’s current implementation has created two separate resources for generating and regenerating access tokens.
 
Fix:
YBSG is currently working on a fix and plans to release this by the end of April. TPPs will need to call the /token resource with a grant type of refresh_token to generate and regenerate access tokens.