BTS API Authentication Guide
Modified on: 2023-09-19 10:02
TABLE OF CONTENTS
- Introduction
- OAuth 2.1 Authentication
- Generating Client ID and Client Secret
- Exchanging Client ID and Client Secret for a Token
- Using the Token for Authentication
Introduction
This guide provides instructions on how to authenticate with the BTS API using OAuth 2.1 tokens.
OAuth 2.1 Authentication
All BTS APIs require OAuth 2.1 tokens for authentication.
Generating Client ID and Client Secret
We provide a Console page where you can generate your own OAuth 2.1 Client ID and Client Secret. Please note that the Client ID and Client Secret must be renewed at least every six months. We will send an email notification in advance to remind you to renew these credentials. You also have the option to renew them ahead of time.
Exchanging Client ID and Client Secret for a Token
You can exchange your Client ID and Client Secret for a token. Here is an example of a request and response:
Request:
POST /authorizer/token HTTP/1.1 Host: server.example.com Authorization: Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW Content-Type: application/x-www-form-urlencoded grant_type=client_credentials
Response:
HTTP/1.1 200 OK Content-Type: application/json;charset=UTF-8 Cache-Control: no-store Pragma: no-cache { "access_token":"2YotnFZFEjr1zCsicMWpAA", "token_type":"Bearer", "expires_in":3600, "example_parameter":"example_value" }
Please note that the token has an expiration time, after which it needs to be renewed, otherwise you will receive 401 http code when calling API.
Using the Token for Authentication
The token should be included in the HTTP header when calling the BTS API for authentication. Here is an example:
Request with Header:
GET /resource HTTP/1.1 Host: server.example.com Authorization: Bearer 2YotnFZFEjr1zCsicMWpAA
Did you find it helpful? Yes No
Send feedback