How to Authenticate with APSIS One's APIs
Here's a summary of the process of authentication you will need to perform in order to access APSIS One API.
1. Gain access token
Request an access token from the API service by sending your client ID and client secret to the authorization endpoint at /oauth/token.
After a successful request, the authorization endpoint returns an access token along with an expiration date. Read more about getting an access token...
2. Authenticate with APSIS One's APIs
You may use the access token obtained from the authorization endpoint to access protected data in APSIS One via its API for as long as the token is valid and has not been revoked.
Pass it as standard Authorization: Bearer header.
Instead of generating a new access token for each of your transactions, you may cache and reuse your tokens. This will optimize your processes and reduce the amount of calls you make to the authentication server.
As long as your access token remains valid, the API service will process requests according to its specifications.
Any attempts to make requests with an invalid or expired access token will return User is not authorized to access this resource with an explicit deny error message with HTTP status code 403.
{
"message": "User is not authorized to access this resource with an explicit deny"
}
What's Next?