Token Management API¶
The token management API allows your application to make requests on your behalf and access data from the authorized services. For every valid request to the authorization server, an access token response for the client application is issued with the following properties.
access_token
: Access token string issued by the authorization server.expires_in
: The time in seconds for which the access token is valid.token_type
: The type of token, typically just the string "bearer".
Note
Your token is valid for a limited time and your application will need to refresh it at regular intervals.
If the access token request is invalid, error responses are returned with the HTTP 403 status code. For detailed information on the error responses, see General Information.
Create a Token¶
Create a JWT (JSON Web Token) request with the Authorization header format for Token Management API.
The following sample shows the format of the Authorization header.
const CLIENT_ID=<YOUR_CLIENT_ID>;
const CLIENT_SECRET=<YOUR_CLIENT_SECRET>;
// create a base64 encoded string with CLIENT_ID and CLIENT_SECRET
const YOUR_TOKEN = Base64Encoder("${CLIENT_ID}:${CLIENT_SECRET}");
// add the authorization header
Authorization: Basic ${YOUR_TOKEN}
To run the following example, set your TOKEN
.
Example Requests¶
Note
Use the server URL applicable to your region. See API Reference for available server URLs applicable to your region.
export TOKEN = <YOUR_TOKEN>
curl --location --request POST 'https://clientapp-auth.eu.depot.emobility.io/oauth2/token' \
--header 'Accept: application/json' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--header 'Authorization: Basic $TOKEN' \
--data-urlencode 'grant_type=client_credentials'
Example Response¶
The access_token
property in the response body is returned after the successful execution of the request. You can now pass the access_token
in the Authorization
header of any subsequent API requests. The expires_in
property represents the number of seconds your token is valid. The token is valid for 24 hours (86400 seconds) by default. When this time has elapsed you will need to create a new token.
{
"access_token": "eyJ0eXAiOiUSJ9.eyJpc3MiOiJdGlhbHMifQ.MJpcxLfyOt",
"expires_in": 3600,
"token_type": "Bearer"
}
Note
Your token is valid for a limited time and your application will need to refresh it at regular intervals.
Warning
Make sure to store your token in a safe place, never share it or store it in source control. Anyone with access to your token can access the system on your behalf.
Token Usage¶
Pass the access_token
from the token API in the header to access DepotFinity APIs.
The following sample shows the format of the Authorization header.
export ACCESS_TOKEN = <YOUR_ACCESS_TOKEN>
# add the authorization header
Authorization: Bearer ${ACCESS_TOKEN}