Authenticated API Usage
We use a
Bearer Token
to authenticate API calls. This token can be acquired via the OAuth Client Credentials flow.
- Using your specific
clientId
and yourclientSecret
(provided by us during onboarding) you are able to obtain aBearer Token
. With this token you authenticate against our API during all calls. This token is valid for all organizations you have been authorized for on the specific environment (sandbox or production). - This
Bearer Token
has a time to live (TTL) of 10-24 hours and it gives you access to our endpoints. It needs to be sent with every request towards the API. Please use the TTL in the response when fetching a token and only create a new token shortly before the TTL is exeeded. - You need to refresh the token before the token expires. Until then, the token has to be reused! Do not request a new token on every call to our API.
curl --location --request POST 'https://infinnityprodinternal.eu.auth0.com/oauth/token' \
--header 'Content-Type: application/json' \
--data-raw '{
"client_id": "YOUR CLIENT ID",
"client_secret": "YOUR CLIENT SECRET",
"audience": "api.getpliant.com/api/integration",
"grant_type": "client_credentials"
}'
curl --location --request POST 'https://infinnitystaginginternal.eu.auth0.com/oauth/token' \
--header 'Content-Type: application/json' \
--data-raw '{
"client_id": "YOUR CLIENT ID",
"client_secret": "YOUR CLIENT SECRET",
"audience": "api.staging.v2.infinnitytest.com/api/integration",
"grant_type": "client_credentials"
}'
{
"access_token": "ey...0A",
"expires_in": 86400,
"token_type": "Bearer"
}
The token is not invalidated before the timeout (TTL).
More on the topic can be found here:
HTTPS is Mandatory
All API communication must be made over HTTPS, plain HTTP is not allowed.
Only Backend to Backend Communication allowed
Make sure the authorization flow is obtained from a secure backend all the time. For security reasons (to not expose the client secret) web frontends or mobile applications are not allowed to directly communicate with our API!
Updated 7 months ago