Authentication
Methods
All Communic8 Public API operations require authorization.
There are two methods of authorization available - bearer token and OAuth 2. The default method is bearer token, with OAuth2 available on request. If you are unsure which method is available for your client, please contact Communic8 support.
Bearer Token
When using bearer token authorization, all API requests must send an access token in the Authorization header with a "Bearer" prefix:
Authorization: Bearer <token>
OAuth 2.0
When using OAuth 2 authorisation, new access tokens must be generated using the following information:
| Field | Value |
|---|---|
| end point | /int/v1/oauth/token |
| client_id | the "ID" value for the generated token, visible when you create or edit a token |
| client_secret | the value of the token, visible when you generate it |
| grant_type | client_credentials |
Generated access tokens should then be used in the Authorization header as bearer tokens.
01. Request token
Request access token of OAuth 2.0. Only supports grant type "client_credentials". https://datatracker.ietf.org/doc/html/rfc6749.html#section-4.4
POST /int/v1/oauth/token
Headers - Header
| Name | Type | Description |
|---|---|---|
| Authorization | String | Prefix with "Bearer". Token in format client_id:client_secret encoded in base64. client_id is the id of the token. client_secret is the token value. |
Request Body
| Name | Type | Description |
|---|---|---|
| grant_type | String | optional auth grant_type, only support "client_credentials"Default value: client_credentials__Allowed values: "client_credentials" |
Examples
CURL Example:
curl -H "Authorization: Bearer <token>" \
-H "Content-Type: application/json" \
-X POST https://<url>/int/v1/oauth/token \
-d '{"grant_type": "client_credentials"}'
Javascript Example:
(async (url, client_id, client_secret) => {
const StringToBase64 = (string) => {
const bytes = new TextEncoder().encode(string);
const binString = Array.from(bytes, (byte) =>
String.fromCodePoint(byte),
).join("");
return btoa(binString);
};
try{
const response = await(
await fetch(
`${url}/int/v1/oauth/token`,
{
method: "POST",
headers: {
"Authorization": `Bearer ${StringToBase64(client_id + ':' + client_secret)}`,
"Content-Type": "application/json"
},
body: JSON.stringify(
{
"grant_type": "client_credentials"
}
)
}
)
).json();
console.log("API response:", response);
}catch(error){
console.error("API error:", error);
}
})(process.env.URL, process.env.TOKEN_ID, process.env.TOKEN_VALUE);
Success response
Success response - Success 200
| Name | Type | Description |
|---|---|---|
| access_token | String | The access token issued by the authorization server. |
| token_type | String | The type / usage of the token. |
| expires_in | Number | The lifetime of the token in seconds. |
Success response example
Success response example - Success:
HTTP/1.1 200 OK
{
"access_token": "f5f3ef9b851438b6ac643907b3678ac4",
"token_type": "Bearer",
"expires_in": 86400
}