Authentication
Authentication and authorization is achieved using the OAuth 2 client credentials login flow. After authentication an access token is returned. Once authenticated the authorization token should be send with every subsequent request.
The access token will always expire after a short time. A new access token can be requested by invoking a new authentication request.
Location
The location to send your authentication requests depend on the environment want to connect to:
| Environment | Locations |
|---|---|
| Production | https://login.mypup.app/connect/token |
| Staging | https://login.staging.mypup.app/connect/token |
Request
Authentication can be acquired using a standard HTTP form POST request. The requests needs the following arguments:
- client_id = Your API Client Id
- client_secret = Your API Client Secret
- grant_type =
client_credentials - scope =
integration_api
Example:
POST /connect/token HTTP/1.1
Host: login.staging.mypup.app
Content-Type: application/x-www-form-urlencoded
grant_type=client_credentials&scope=integration_api&client_id=......&client_secret=......
{
"access_token": "......",
"token_type": "bearer",
"expires_in": 10799
}