Authentication
The CloudSoda API uses OAuth 2.0. It is expected that trusted third party clients authenticate with the clientCredentials grant flow. It is not possible to limit the OAuth grant via scope.
- Security Scheme Type: OAuth2
- Flow type: clientCredentials
- Token URL: oauth/token1
Any third party client must authenticate against the API using the client id and secret. The client credentials authentication flow must only be used in cases where the client application can be completely trusted to securely store the secret, which is effectively a password. If the secret is exposed, new client credentials must be generated because malicious clients could make authorized requests with compromised credentials.
A third party client seeking to integrate against the API can request credentials from the on-site CloudSoda product administrator. Specifically, the client id and the client secret can be generated in the API section of the CloudSoda web interface.
Requesting an access token
Authentication is performed via OAuth 2.0 using the oauth/token endpoint. The access_token returned in the response
can be used to authenticate subsequent requests on behalf of the client.
REQUEST BODY SCHEMA: application/x-www-form-urlencoded
| Parameter | Type | Description | Example Value |
|---|---|---|---|
grant_type |
string | The OAuth 2.0 authentication grant flow being initiated | "client_credentials" |
client_id |
string | The unique id for the client making the request | [Your Client ID] |
client_secret |
string | The secret key generated alongside the client id | [Your Client Secret] |
Endpoint: POST /oauth/token
Request sample (cURL)
curl -X POST "https://[YOUR_API_ENDPOINT]/oauth/token" \
-H "Content-Type: application/x-www-form-urlencoded" \
--data "grant_type=client_credentials&client_id=[YOUR_CLIENT_ID]&client_secret=[YOUR_CLIENT_SECRET]"Response samples
200
{ "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...", "token_type": "Bearer", "expires_in": 86400 }