Authentication
Unidys API requires a bearer token to access all resources. Fine grained access to specific resources is managed through scopes.
Warning
You should ask only for the access rights a token actually needs
Create a Bearer Token
To create an access token, perform a POST request to oauth/token
with Content-Type application/json
with the following parameters:
Parameter | Content |
---|---|
client_id | Unique identifier that corresponds to one of the UIDs in Unidys partner Applications (provided by Unidy) |
client_secret | Unique identifier that corresponds to one of the UIDs in Unidys partner Applications (provided by Unidy) |
response_type | client_credentials |
scope | Only request access to resources you actually need need access to |
Example
curl -X 'POST' \
'http://localhost:3000/oauth/token' \
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"client_id": "3oyGaZLxkppqDi5V3kLw0e2mDh97ioEH6jMvSgYuhzE",
"client_secret": "rXDV5m_XkOI9XpEou_w-yW5A_Dby_EwHNg-5sHLnqnE",
"grant_type": "client_credentials",
"scope": "users:read users:write"
}'
Available Scopes
- subscriptions:read
- subscriptions:write
- subscriptions_batch:write
- custom_attributes:read
- custom_attributes:write
- users:read
- users:read_by_email
- users:change_email
- users:write
- newsletter_subscriptions:write
Token Response
{
"access_token": "rqzCqRd-3_jd5MBfn_hoi-e_kSv-D3YmDghJOhaFtsw",
"token_type": "Bearer",
"expires_in": 7200,
"scope": "users:read users:write",
"created_at": 1687436422
}
These access tokens do not provide a refresh token. A new one must be created when the old one expires.
Performing a Request
Add the authorization header to all API request
Example
curl -X 'POST' \
'https://<YOUR UNIDY DOMAIN>/api/v1/users' \
-H 'Content-Type: application/json' \
-H 'Authorization: bearer <YOUR ACCESS TOKEN>' \
-d '{ email: [email protected] }'
See list of all available resources here