Skip to main content

Authentication 101

Buckle up! We're diving into the world of OAuth 2.0 with client credentials. It's all about keeping your app's interactions with our API secure and smooth.

Let's Get You Set Up

Ready to get your hands dirty? Here’s how you can set up your client:

  1. Log In, Let’s Roll: Jump into your Zigned account and head over to the developer settings.
  2. Create Your API Client: Find the "API Clients" section and hit that 'Create New API Client' button.
  3. Grab Your Credentials: Once your API client is up, jot down your 'Client ID' and 'Client Secret'. Guard these like treasure – they’re your keys to our kingdom!

Access Tokens: Your API Passport

How to Get Your Token

Fire off a POST request to our /token endpoint like a pro. Here's a basic cURL example:

Requesting a token
curl -X POST \
-H "Content-Type: application/x-www-form-urlencoded" \
-d "grant_type=client_credentials&client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET"

Decoding the Token Response

Hit the jackpot? You'll get something like below. Use the access token in subsequent API requests.

Access token response
"access_token": "your_access_token",
"token_type": "Bearer",
"expires_in": 10000000

Test Drive Your Token

Now, let’s take that token for a spin:

Authenticated API request
curl -X GET \
-H "Authorization: Bearer your_access_token"

Long-Lasting Tokens

Our tokens are like fine wine – they last a long time. But remember, store them safely!

Revoking Tokens

Changed your mind? Revoke that token like this:

Revoke an access token
curl -X DELETE

Want to Dig Deeper?

Thirsty for more knowledge? Hop over to the next sections where we dive deeper into the world of tokens and authentication.