Authentication
This section explains how you can authenticate your application to our API.
Basic Authentication will be deprecated on March 15, 2023, in favor of OAuth 2.0. We recommend you to follow our Migrating from Basic Authentication to OAuth 2.0 Credentials Guide in order to keep your application running.
Overview
This section explains how you can authenticate your application to our API. It is split into the following pages:
- Basic Authentication: How to use our legacy authentication system. Basic authentication will be deprecated in favor of OAuth 2.0 on March 15, 2023.
- Creating and Managing Credentials: Everything you need to create and maintain your application's credentials.
- Using API Credentials: How to use the credentials you just created in your application.
- Exploring Ocrolus With Postman: How to use the credentials you just created to play around with our API.
- Migrating from Basic Authentication to OAuth 2.0 Credentials: Everything you need to know to migrate to our newer, more secure authentication system.
Looking for our page on basic authentication?
We've moved our documentation on Basic HTTP authentication to here. Note that we're deprecating Basic authentication in favor of OAuth 2.0. This page describes the steps needed to migrate your application to the new authentication system.
We support authentication via OAuth 2.0's Client Credentials Flow, as defined in RFC 6749, section 4.4. Access tokens are granted as JSON Web Tokens (JWTs) as defined in RFC 7519.
In a Nutshell...
- Log in to the Ocrolus Dashboard and create an API credential, as described here
- Use your new credential to generate an access token, as described here (or here if you just want to play around in Postman).
- Provide your access token to all future API calls to Ocrolus.
- When the token expires, go to Step 2 and repeat.
Updated 2 months ago