# `Ltix.OAuth`
[🔗](https://github.com/DecoyLex/ltix/blob/main/lib/ltix/oauth.ex#L1)

OAuth 2.0 client credentials authentication for LTI Advantage services.

Acquires an access token from the platform's token endpoint and returns
an authenticated `Ltix.OAuth.Client` ready for service calls.

## Single service

    {:ok, client} = Ltix.OAuth.authenticate(registration,
      endpoints: %{Ltix.MembershipsService => endpoint}
    )

## Multiple services

    {:ok, client} = Ltix.OAuth.authenticate(registration,
      endpoints: %{
        Ltix.MembershipsService => memberships_endpoint,
        Ltix.GradeService => ags_endpoint
      }
    )

Scopes from all endpoints are combined into a single token request.

## Options

* `:endpoints` (`t:map/0`) - Required. Map of service modules to endpoint structs.

* `:req_options` (`t:keyword/0`) - Options passed through to `Req.request/2`. The default value is `[]`.

# `authenticate`

```elixir
@spec authenticate(
  Ltix.Registration.t(),
  keyword()
) :: {:ok, Ltix.OAuth.Client.t()} | {:error, Exception.t()}
```

Given a registration, authenticate with a platform's token endpoint.

Request scopes by passing service endpoints in the `:endpoints` option.

# `authenticate!`

```elixir
@spec authenticate!(
  Ltix.Registration.t(),
  keyword()
) :: Ltix.OAuth.Client.t()
```

Same as `authenticate/2` but raises on error.

---

*Consult [api-reference.md](api-reference.md) for complete listing*