Skip to main content
Skip table of contents

API authentication

This document describes how to authenticate against the TAO NextGen APIs using curl using a simple client credentials flow for OAuth 2.0.

Prerequisites

Before you begin, contact your TAO representative for your Token Endpoint URL. This URL is required for authentication.

1. Obtain an Access Token

To obtain a token, send a POST request to the token endpoint. Include your authentication server URL, your credentials and specify the Grant Type:

CODE
curl -X POST "[YOUR_AUTH_URL]/v1/oauth2/tokens" \
     -H "Content-Type: application/x-www-form-urlencoded" \
     -d "grant_type=client_credentials" \
     --data-urlencode "client_id=[YOUR_CLIENT_ID]" \
     --data-urlencode "client_secret=[YOUR_CLIENT_SECRET]"

2. Response Example

If the request is successful, you will receive a JSON response containing the access token. Extract the token from the response’s access_token property:

CODE
{
  "access_token": "eyJhvGciOiJ...",
  "token_type": "Bearer",
  "expires_in": 3600
}

3. Use the Access Token

Include the access token you received in any subsequent API calls by including it in the Authorization header in order to access protected endpoints. Please find a simple GET example below:

CODE
curl -X GET "[YOUR_AUTH_URL]/some/resource" \
     -H "Authorization: Bearer [YOUR_ACCESS_TOKEN]"

 

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.