Access Token Generation

To generate the Access Token, it is necessary to make a request using HTTP Basic Authentication through a POST method, so that a Header is sent Authorization with Basic value {CODIGO_BASE64}. The credentials CLIENT_ID and CLIENT_SECRET must be concatenated with a “:” symbol so that they are reported as a value for the mentioned field.

The type of authentication must also be informed in the body of the message as client_credentials. Below is the request model used to generate the access token:

URL AUTH
{BaseUrl}/api/auth/generate_token

HTTP Headers - Example
Authorization: BASIC base_64({CLIENT_ID}:{CLIENT_SECRET})
Content-Type: application/json

HTTP Request Body
{
"grant_type": "client_credentials"
}

If the data entered is correct, an HTTP 200 OK message will be returned informing the generated code and its validity time. This code must be used in all subsequent requests, and will need to be generated again after reaching its expiration time.

HTTP 200 Response Body - Example
{
     "access_token": "eyJhbGciOiJIUzI1NiJ9.eyJ1c2VyX2lkIjoxLCJleHAiOjE2NjUwNjc2MDJ9.ogQs-M3JPH9kgQuqOVc9erv3kBlXr5i2Y7bDFjNh3qI",
     "token_type": "Bearer",
     "expires_in": 1800
}

Description of Attributes

ATTRIBUTE	DESCRIPTION	TYPE
access_token (Required)	JWT token to be used in other API requests	STRING
token_type (Required)	Generated token type	STRING
expires_in (Required)	Token expiration time, in seconds	INTEGER

If the information provided in the request for token creation is invalid, HTTP 401 Unauthorized will be returned, according to the example below.

HTTP 401 Response Body - Example:
{
     "error": "unauthorized"
}

Access Token Generation

Description of Attributes​

Description of Attributes