The authentication service issues access tokens for our web services. Alongside with your account you should have received all the necessary credentials like client ids and secrets.

Access Tokens

Two different kinds of access tokens can be request from our Auth Service:

  • Normal access tokens for users (dashboard login)

  • Long lived access tokens called reference token for service clients (90 days validity)

To request a reference token, use the client_id contentserviceapi.service.client in your call to the authentication service. The following sample shows how this can be done. This token can then be used in the subsequent examples and is refered to as <YOUR-JWT-TOKEN>. We use CURL in the following samples to show how the requests can be made but of course every other method works as well.

curl -v -X POST \
  -F grant_type=password \
  -F username=<YOUR-USER-NAME> \
  -F password=<YOUR-PASSWORD> \
  -F client_id=contentserviceapi.service.client \
  -F client_secret=<YOUR-CLIENT-SECRET> \
  -F 'scope=openid contentserviceapi'

All requests to the REST API need to be authenticated. Therefore, you need to add an authorisation header to your call. To add a bearer token to your CURL request simple use -H "Authorization: Bearer <YOUR-JWT-TOKEN>".