Authentication
Platform API is exclusively available to Enterprise Plan clients. If you're interested in utilizing this API for your business needs, consider upgrading. If you are already an Enterprise Plan customer, please reach out to your Launch Support Engineer.
Organization API uses OAuth authentication protocol in order to grant access and authenticate client requests. Your launch engineer has to provide you with an OAuth client identifier (clientId
) and secret (clientSecret
) on your request.
The Organization API employs the OAuth authentication protocol to securely authorize and authenticate client requests. To get started, you should request an OAuth client identifier (commonly known as clientId
) and a secret key (clientSecret
) from your Launch Support Engineer. These credentials are essential for establishing a secure connection with the API. Remember, the clientId
serves as your unique identifier, while the clientSecret
acts like a password, ensuring that access to the API is restricted to authorized users only.
You can also create one by yourself in Console -> Developer Zone -> OAuth2
Authenticate using Authorization Header
To obtain authentication tokens use client_credentials
grant type as mentioned below:
Authenticate using client credentials
POST
https://{server_address}/oauth2/token
Authentication to Organization API using OAuth client credentials provided in Authorization
header.
Query Parameters
Name | Type | Description |
---|---|---|
grant_type* | Use client_credentials |
Headers
Name | Type | Description |
---|---|---|
Authorization* | Provide authorization header with OAuth client credentials filled in basic authorization format:
|
Example response:
Use access_token
value to authenticate further requests and refresh_token
to refresh the token after its expiration. Use expires_in
(value specified in seconds) parameter to determine token expiration time.
Usage example
cURL:
cURL with real data:
Token Refresh using Authorization Header
After authentication token expiration use refresh_token
grant type to refresh it:
Refresh authentication token
POST
https://{server_address}/oauth2/token
Refreshing the authentication to Organization API using OAuth client credentials provided in Authorization
header and refresh token issued in previous authentication response.
Query Parameters
Name | Type | Description |
---|---|---|
refresh_token* | Refresh token, issued by previous authentication request | |
grant_type* | refresh_token |
Headers
Name | Type | Description |
---|---|---|
Authorization* | Provide authorization header with OAuth client credentials filled in basic authorization format:
|
Example response:
Use access_token
value to authenticate further requests and refresh_token
to refresh the token after it's expiration. Use expires_in
(value specified in seconds) parameter to determine token expiration time.
Usage example
cURL:
cURL with real data:
Authenticate using query parameters
Authentication using query parameters is easier but less preferred due to it's lower security. You may use this authentication type to achieve quick results as it can even be tested in a browser.
Using query parameters for authentication is easier and suitable for quick testing, including in a browser. However, it's less secure than other methods and not recommended for sensitive applications.
This method allows you to authenticate by directly appending your credentials to the URL as query parameters.
Authenticate using client credentials
POST
https://{server_address}/oauth2/token
Authentication to Organization API using OAuth client credentials provided in query parameters.
Query Parameters
Name | Type | Description |
---|---|---|
grant_type* | client_credentials | |
client_id* | String | OAuth client identifier |
client_secret* | String | OAuth client secret |
Example response:
Use access_token
value to authenticate further requests and refresh_token
to refresh the token after it's expiration. Use expires_in
(value specified in seconds) parameter to determine token expiration time.
Usage example
cURL:
cURL with real data:
Token Refresh using query parameters
Refresh authentication token
POST
https://{server_address}/oauth2/token
To refresh authentication for the Organization API using query parameters, include your OAuth client credentials and the previously issued refresh token in the URL query string. This method is straightforward but less secure.
Query Parameters
Name | Type | Description |
---|---|---|
grant_type* | refresh_token | |
refresh_token* | String | Refresh token, issued by previous authentication request |
client_id* | String | oAuth client identifier |
client_secret* | String | oAuth client secret |
Example response:
Use access_token
value to authenticate further requests and refresh_token
to refresh the token after it's expiration. Use expires_in
(value specified in seconds) parameter to determine token expiration time.
Usage example
cURL:
cURL with real data:
Last updated