Token request
CE-API provides the Requests token for a user. endpoint to obtain the access and refresh tokens to be used for calls to API endpoints. To authenticate with the CE-API an end-user must provide a username
, password
, client_id
and client_secret
to the /token
endpoint to obtain an access token (access_token
) and refresh token (refresh_token
). Once authenticated the access token can be used for calls to API endpoints. The access token is short-lived (1 hour).
The
client_id
andclient_secret
will be provided to the customer once the dedicated instance of the NET2GRID Insight Platform has been setup and/or when a new labelpartner is added in the platform.
An example call in cURL format is described below:
curl --location --request POST '<CE_API_BASE_URL>/v2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id=<CLIENT_ID>' \
--data-urlencode 'client_secret=<CLIENT_SECRET>' \
--data-urlencode 'username=<EMAIL_ADDRESS>' \
--data-urlencode 'password=<PASSWORD>' \
--data-urlencode 'grant_type=password'
The response of the token call will be like:
{
"access_token": "<ACCESS_TOKEN>",
"refresh_token": "<REFRESH_TOKEN>",
"id_token": "<ID_TOKEN>",
"expires_in": 3600,
"token_type": "Bearer",
"scope": []
}
It is important that applications do not store the username and password for end-users, but instead rely on the refresh token flow to renew access tokens once they're no longer valid.
When a new access token is needed, the application can make a POST request back to the token endpoint using a grant type of refresh_token
to request a new access token. Refresh tokens are much longer lived, usually configured to expire in 30 days.
An example call in cURL format is described below:
curl --location --request POST '<CE_API_BASE_URL>/v2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id=<CLIENT_ID>' \
--data-urlencode 'client_secret=<CLIENT_SECRET>' \
--data-urlencode 'refresh_token=<REFRESH_TOKEN>' \
--data-urlencode 'grant_type=refresh_token'
And the response will be similar to the above
The response of the token call will be like:
{
"access_token": "<ACCESS_TOKEN>",
"refresh_token": "<REFRESH_TOKEN>",
"id_token": "<ID_TOKEN>",
"expires_in": 3600,
"token_type": "Bearer",
"scope": []
}
Updated 5 months ago