Authentication
This section explains how you can authenticate your application to our API.
Basic Authentication will be deprecated on June 15, 2023, in favor of OAuth 2.0. We recommend you to follow our Migrating from Basic Authentication to OAuth 2.0 Credentials Guide in order to keep your application running.
Overview
This section explains how you can authenticate your application to our API. It is split into the following pages:
- Creating and Managing Credentials: Detailed guidance on how to create and maintain your application's credentials.
- Using API Credentials: Instructions on utilizing the credentials you’ve created within your application.
- Exploring Ocrolus With Postman: Steps to use your credentials to interact with our API using Postman.
- Migrating from Basic Authentication to OAuth 2.0 Credentials: A comprehensive guide to transitioning to our more secure OAuth 2.0 authentication system.
- Enterprise single sign-on: Instructions on configuring enterprise SSO as an alternative authentication method.
Looking for our page on Basic Authentication?
We've moved our documentation on Basic HTTP authentication to here. Please note that Basic authentication is being deprecated in favor of OAuth 2.0. To know more about steps needed to migrate your application to the new authentication system, see Migrating from Basic Authentication to OAuth 2.0 Credentials.
We support authentication via OAuth 2.0's Client Credentials Flow, as defined in RFC 6749, section 4.4. Access tokens are granted as JSON Web Tokens (JWTs) as defined in RFC 7519.
Quick start steps
- Log in to the Ocrolus Dashboard and create an API credential, as described here
- Use your new credential to generate an access token, as described here (or here if you just want to play around in Postman).
- Provide your access token to all future API calls to Ocrolus.
- When the token expires, go to Step 2 and repeat.
Updated 3 months ago