Access token

POST 
/auth

The API implements an oauth client_credentials flow. What this means is that in order to access the rest of the endpoints, a token has to be sent with every request in a header called Authorization. The header value should be in this string format: Bearer <your_access_token>

The access token is obtained using this endpoint, where your client credentials can be exchanged for the token. The client credentials are available via: console

Note that this endpoint, in accordance with the oauth2 RFC6749 standard, requires the request format to be sent an application/x-www-form-urlencoded content-type. This is unlike the rest of the other endpoints in the API. They use the application/json content-type instead

Note that access tokens are short-lived, and they no longer work after they expire. The expiration is known via the exp token claim, but can also obtained via the exp field returned next to the token. In order to ensure that your system is always authenticated with a fresh access token, something like an interval can be used to regularly refresh the token

Request

Responses

200

400

500