Authentication
Organization API uses OAuth authentication protocol in order to grant access and authenticate client requests. Your launch engineer has to provide you with an OAuth client identifier (clientId) and secret (clientSecret) at your request.
Alternatively, you can find it in Settings -> Developers -> OAuth2:
Authenticate using Authorization Header
To obtain authentication tokens use client_credentials grant type as mentioned below:
Authenticate using client credentials
POST https://{server_address}/oauth2/token
Authentication to Organization API using oAuth client credentials provided in Authorization header.
Query Parameters
| Name | Type | Description |
|---|---|---|
grant_type* | Use client_credentials |
Headers
| Name | Type | Description |
|---|---|---|
Authorization* | Provide authorization header with oAuth client credentials filled in basic authorization format:
|
Example response:
Use access_token value to authenticate further requests and refresh_token to refresh the token after its expiration. Use expires_in (value specified in seconds) parameter to determine token expiration time.
Usage example
cURL:
cURL with real data:
Token Refresh using Authorization Header
After authentication token expiration use refresh_token grant type to refresh it:
Refresh authentication token
POST https://{server_address}/oauth2/token
Refreshing the authentication to Organization API using oAuth client credentials provided in Authorization header and refresh token issued in previous authentication response.
Query Parameters
| Name | Type | Description |
|---|---|---|
refresh_token* | Refresh token, issued by previous authentication request | |
grant_type* | refresh_token |
Headers
| Name | Type | Description |
|---|---|---|
Authorization* | Provide authorization header with oAuth client credentials filled in basic authorization format:
|
Example response:
Use access_token value to authenticate further requests and refresh_token to refresh the token after it's expiration. Use expires_in (value specified in seconds) parameter to determine token expiration time.
Usage example
cURL:
cURL with real data:
Authenticate using query parameters
Authentication using query parameters is less preferred due to it's lower security, but more easier. You may use this authentication type to achieve quick results as it can even be tested in a browser.
Authenticate using client credentials
POST https://{server_address}/oauth2/token
Authentication to Organization API using oAuth client credentials provided in query parameters.
Query Parameters
| Name | Type | Description |
|---|---|---|
grant_type* | client_credentials | |
client_id* | String | oAuth client identifier |
client_secret* | String | oAuth client secret |
Example response:
Use access_token value to authenticate further requests and refresh_token to refresh the token after it's expiration. Use expires_in (value specified in seconds) parameter to determine token expiration time.
Usage example
cURL:
cURL with real data:
Token Refresh using query parameters
Refresh authentication token
POST https://{server_address}/oauth2/token
Refreshing the authentication to Organization API using query parameters with oAuth client credentials and refresh token issued in previous authentication response.
Query Parameters
| Name | Type | Description |
|---|---|---|
grant_type* | refresh_token | |
refresh_token* | String | Refresh token, issued by previous authentication request |
client_id* | String | oAuth client identifier |
client_secret* | String | oAuth client secret |
Example response:
Use access_token value to authenticate further requests and refresh_token to refresh the token after it's expiration. Use expires_in (value specified in seconds) parameter to determine token expiration time.
Usage example
cURL:
cURL with real data:
Last updated