Token request
CE-API provides the POST /token endpoint to obtain the access and refresh tokens to be used for calls to API endpoints.
To authenticate with the CE-API, an application must provide a username, password, client_id and client_secret via the POST /token endpoint to obtain an access and refresh token. Once authenticated, the access token can be used for calls to API endpoints. The access token is short-lived (1 hour).
The client_id and client_secret will be provided to the customer once the dedicated instance of the NET2GRID Insight Platform has been set up and/or when a new label partner is added in the platform.
An example call in cURL format is described below:
curl --location --request POST '<CE_API_BASE_URL>/v2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id=<CLIENT_ID>' \
--data-urlencode 'client_secret=<CLIENT_SECRET>' \
--data-urlencode 'username=<EMAIL_ADDRESS>' \
--data-urlencode 'password=<PASSWORD>' \
--data-urlencode 'grant_type=password'
The response to the token call will look like this:
{
"access_token": "<ACCESS_TOKEN>",
"refresh_token": "<REFRESH_TOKEN>",
"id_token": "<ID_TOKEN>",
"expires_in": 3600,
"token_type": "Bearer",
"scope": []
}
It is important that applications do not store the username and password for end-users, but instead rely on the refresh token flow to renew access tokens once they're no longer valid.
Refresh Token
When a new access token is needed, the application can make a POST request back to the token endpoint using a grant type of refresh_token to request a new access token. Refresh tokens are much longer lived, configured to expire in 30 days by default.
If you need to extend the expiration time of refresh tokens beyond 30 days, please contact us.
An example POST /token call in cURL format is described below with the refresh_token grant:
curl --location --request POST '<CE_API_BASE_URL>/v2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id=<CLIENT_ID>' \
--data-urlencode 'client_secret=<CLIENT_SECRET>' \
--data-urlencode 'refresh_token=<REFRESH_TOKEN>' \
--data-urlencode 'grant_type=refresh_token'
The response will be similar to the one shown above for the password grant. It is recommended to request access tokens with the refresh_token grant whenever possible to enhance application performance.
Once the refresh token has also expired, the access token must be retrieved again with the password grant.
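The token lifecycle described on this page, as an added Python example (not NET2GRID's code): the password is used once and discarded, the access token is reused until shortly before expires_in elapses, the refresh_token grant renews it, and a refused refresh forces a new password grant. The names TokenSession, make_fake_endpoint, post_token and SKEW are hypothetical, the transport is a constructed offline stand-in for POST /v2/token, and treating any non-200 status as a refused grant is an assumption.

```python
import time

class TokenSession:
    """Keeps CE-API tokens in memory; the end-user password is never stored."""
    SKEW = 60  # assumed safety margin in seconds before expires_in elapses

    def __init__(self, post_token, client_id, client_secret, clock=time.time):
        self._post = post_token  # assumed transport: callable(form) -> (status, json)
        self._client = {"client_id": client_id, "client_secret": client_secret}
        self._clock = clock
        self._access = self._refresh = None
        self._expires_at = 0.0

    def _grant(self, **fields):
        status, body = self._post({**self._client, **fields})
        if status != 200:  # assumption: any non-200 means the grant was refused
            self._access = self._refresh = None
            raise PermissionError(f"{fields['grant_type']} grant refused")
        self._access = body["access_token"]
        self._refresh = body.get("refresh_token", self._refresh)
        self._expires_at = self._clock() + body["expires_in"] - self.SKEW

    def login(self, username, password):
        # The password is used for this one request and not kept on the object.
        self._grant(username=username, password=password, grant_type="password")

    def access_token(self):
        if self._access is None or self._clock() >= self._expires_at:
            if self._refresh is None:
                raise PermissionError("no refresh token: password grant required")
            self._grant(refresh_token=self._refresh, grant_type="refresh_token")
        return self._access

def make_fake_endpoint(clock, refresh_ttl=30 * 24 * 3600):
    """Constructed stand-in for POST /v2/token so the example runs offline."""
    state = {"issued": 0, "refresh_expiry": 0.0, "calls": []}
    def post_token(form):
        state["calls"].append(form["grant_type"])
        if form["grant_type"] == "refresh_token" and clock() >= state["refresh_expiry"]:
            return 400, {"error": "constructed failure"}
        if form["grant_type"] == "password":
            state["refresh_expiry"] = clock() + refresh_ttl
        state["issued"] += 1
        return 200, {"access_token": f"access-{state['issued']}",
                     "refresh_token": "refresh-1", "expires_in": 3600,
                     "token_type": "Bearer", "scope": []}
    return post_token, state
```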
