The Agari APIs use the industry standard OAuth 2.0 protocol to secure access to API endpoints.
More specifically, the OAuth 2.0 Client Credentials grant type is used by clients to obtain a temporary access token that will allow access to API endpoints.
Here's an overview of the client credentials grant type flow that you'll use to authenticate with the APIs:
- Manually generate API credentials (a
client_secret) in the product portal
- Use the
client_secretto generate a temporary
- Use the
access_tokento make authenticated API requests
- Periodically regenerate a new
Step by step instructions on how to perform these steps are in the Quick Start.
client_secret are how your programs will initiate authentication with the API. While not a username and password, they can be thought of in the same way. They will be passed to an API endpoint to obtain a temporary
access_token, which will grant you access to the rest of the API endpoints.
Clients can use your
client_secretto gain access to the APIs as your user. Keep these values somewhere safe and secure. Never share them with anyone.
Updated 8 months ago
|Interactive API Reference|