The authentication method to connect to our API will be OAuth 2.0 Client Credentials Grant Type
Retrieving token
curl -X POST 'https://api.toq.io/iam/oauth/token' \
--header 'Authorization: Basic <encoded base64 username:password>' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \
You will receive a response as follows
{
"access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJz...",
"expires_in": 3599,
"jti": "f8e4b107-26e5-494f-a59e-d008a4fdfcc4",
"scope": "",
"token_type": "bearer"
}
by default, the "access_token" will have an expiration time of 1h (3600 secs), but it could be customised if requested by the client and if the request is approved.
All API request must be called using the access_token received using the "Authorization" header inside each request:
Authorization: "Bearer {access_token}"