Skip to content

Authentication

POST /oauth/token

Authenticate with your credentials to receive an access token.

Token lifetime & usage

Your access token remains valid for 4 hours; once it expires, request a new one.
You do not need to authenticate before every API request: excessive authentication traffic can be flagged by our protection systems and may lead to a temporary ban.
Store the token and reuse it by sending it in subsequent calls via the Authorization header.

Example Request

curl -X POST \  
  https://<base_url>/oauth/token \
  -u "<clientID>:<secretkey>" \  
  -H "Content-Type: application/x-www-form-urlencoded" \  
  -d "grant_type=password&username=<username>&password=<password>"

Note

Make sure to replace <clientID>, <secretkey>, <username> and <password> with your data.

Example Response

{
  "access_token": "df4f52fb023d2d6a72f6f1a3aa8d5a7ab8e3f04c",
  "token_type": "Bearer",
  "expires_in": 14399,
  "refresh_token": "4a185a8fcd09c59aed4d4c6ce331bc47657a7f92",
  "scope": "all"
}

Token Usage

Your token must be sent in the HTTP Authorization request header when making subsequent requests:

Authorization: Bearer <token>

Note

Replace <token> with your access_token.