Authentication – Retrieve an Access Token

POST/authToken: Retrieve an Auth Token for use with protected endpoints.

Authentication

To authenticate with the API, you must first retrieve an accessToken, which is passed in the Authorization header of subsequent requests. By default, the token lasts 24 hours, and the response will include the number of seconds the token expiresIn. This token is cached on the API, so subsequent calls are very fast and will return the same token until expiration is near.

It is an advisable best practice to either call the authToken endpoint before every call, or to cache the token on your end, and be prepared to respond to a 401 once the token has expired by retrieving a new token and resending the request.

Once authenticated, explore and test endpoints via our Swagger UI.

application/json

Example Value / Schema
{
  "clientId": "abcdefg",
  "clientSecret": "hijklmnopqrstuvwxyz"
}

Responses

Code Description
200

Success

Media Type: application/json

Example Value / Schema

{
  "accessToken": "aBcDeFgGHiJkLmNoP",
  "expiresIn": 86400
}
400

Validation error response

Media Type: application/json

Example Value / Schema

{
  "type": "validation_error",
  "errors": [
    {
      "code": "blank",
      "detail": "This field may not be blank.",
      "attr": "client_id"
    },
    {
      "code": "blank",
      "detail": "This field may not be blank.",
      "attr": "client_secret"
    }
  ]
}
401

Client error response

Media Type: application/json

Example Value / Schema

{
  "type": "client_error",
  "errors": [
    {
      "code": "not_authenticated",
      "detail": "Authentication credentials were not provided.",
      "attr": null
    }
  ]
}
500

Server error response

Media Type: application/json

Example Value / Schema

{
  "type": "server_error",
  "errors": [
    {
      "code": "error",
      "detail": "A server error occurred.",
      "attr": null
    }
  ]
}