API authentication

Suggest Edits

The authentication method to connect to our API will be OAuth 2.0 Client Credentials Grant Type

Retrieving token

cURL

curl -X POST 'https://api.toq.io/iam/oauth/token' \
--header 'Authorization: Basic <encoded base64 username:password>' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \

You will receive a response as follows:

JSON

{
  "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJz...",
  "expires_in": 3599,
  "jti": "f8e4b107-26e5-494f-a59e-d008a4fdfcc4",
  "scope": "",
  "token_type": "bearer"
}

By default, the "access_token" will have an expiration time of 1h (3600 secs), but it could be customised if requested (and if the request is approved).

All API requests must be called using the access_token received using the "Authorization" header inside each request:

Text

Authorization: "Bearer {access_token}"

Updated 7 months ago