Access Tokens

Authentication token for securely accessing Endorsed's API endpoints

Create an Access Token

POST https://endorsed.ai/api/v1/auth/tokens

Creates a new Access Token to be used in subsequent API calls.

Access tokens are short-lived for security reasons. Expiration times are returned in the response; please request another access token before the previous one expires to prevent any downtime in your service.

Headers

Name Type Description

Name	Type	Description
Content-Type	string	The content type which specifies the format to which client credentials, grant type, scope, etc. are provided (See examples below). Only supports `application/json` and `application/x-www-form-urlencoded` . Defaults to `application/x-www-form-urlencoded`

Content-Type

string

The content type which specifies the format to which client credentials, grant type, scope, etc. are provided (See examples below). Only supports application/json and application/x-www-form-urlencoded . Defaults to application/x-www-form-urlencoded

Request Body

Name Type Description

Name	Type	Description
client_id*	string	The Client ID (UUID) of the client credentials provided by Endorsed for your Organization
client_secret*	string	The Client Secret of the client credentials provided by Endorsed for your Organization
grant_type*	string	The grant type of the Access Token. Only `client_credentials` is currently supported.
scope	string[] OR string	List of allowed access scope strings for this API Key. Supported scopes: `all:read` and `all:write`. For `application/json` content type: Type - `string[]` Default - `["all:read", "all:write"]` For `application/x-www-form-urlencoded` content type: Type - `string` with space delimited scopes Default - `all:read all:write`

client_id*

string

The Client ID (UUID) of the client credentials provided by Endorsed for your Organization

client_secret*

string

The Client Secret of the client credentials provided by Endorsed for your Organization

grant_type*

string

The grant type of the Access Token. Only client_credentials is currently supported.

scope

string[] OR string

List of allowed access scope strings for this API Key. Supported scopes: all:read and all:write. For application/json content type:

Type - string[]

Default - ["all:read", "all:write"]

For application/x-www-form-urlencoded content type:

Type - string with space delimited scopes

Default - all:read all:write

{
  "is_error": false,
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJkYXRhIjp7ImNsaWVudF9pZCI6IjgwNDJmMjQ0LTc1NDEtNDFkZC05ODcyLTI5YjJmMzBjZDM0NiIsInNjb3BlIjpbImFsbDpyZWFkIiwiYWxsOndyaXRlIl19LCJpYXQiOjE2OTYyODQxNjgsImV4cCI6MzM5MjU3MTkzNn0.TAbNlfr4XszINkAwq5ebKzELuZ9IFBTzTX5tXrbk6EQ",
  "token_type": "Bearer",
  "expires_in": "1209600",
  "scope": ["all:read", "all:write"]
}

{
  "is_error": true,
  "error": {
    "code": "FORBIDDEN",
    "issues": [
      {
        "message": "The client_id and client_secret are not a valid organization's credentials. Please ensure you are passing valid credentials. If the issue persists, please reach out to support@endorsed.ai"
      }
    ]
  }
}

{
  "is_error": true,
  "error": {
    "code": "INTERNAL_SERVER_ERROR",
    "issues": [
      {
        "message": "An unexpected error occurred on our end. Please try again later, and if the problem persists, contact our support team"
      }
    ]
  }
}

Examples:

Using URL Encoded Form Data

curl -X POST "${BASE_URL}/api/v1/auth/tokens" -H 'Content-Type: application/x-www-form-urlencoded' \
-H 'Accept: application/json' \
--data-urlencode "client_id=b844338a-60db-4176-9214-49b7e355e4dd" \
--data-urlencode "client_secret=ErnQBjAtlvSxI0Gc-QGwUgtNoWcvfYai-MqkJAbW9qn6iuzi" \
--data-urlencode "grant_type=client_credentials" \
--data-urlencode "scope=all:read all:write"

Using JSON

curl -X POST "${BASE_URL}/api/v1/auth/tokens" \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-d '{
  "client_id": "b844338a-60db-4176-9214-49b7e355e4dd",
  "client_secret": "ErnQBjAtlvSxI0Gc-QGwUgtNoWcvfYai-MqkJAbW9qn6iuzi",
  "grant_type": "client_credentials",
  "scope": ["all:read", "all:write"]
}'

Last updated 8 months ago