Authentication

This section explains how you can authenticate your application to our API.

❗️

Basic Authentication will be deprecated on March 15, 2023, in favor of OAuth 2.0. We recommend you to follow our Migrating from Basic Authentication to OAuth 2.0 Credentials Guide in order to keep your application running.

Overview

This section explains how you can authenticate your application to our API. It is split into the following pages:

🚧

Looking for our page on basic authentication?

We've moved our documentation on Basic HTTP authentication to here. Note that we're deprecating Basic authentication in favor of OAuth 2.0. This page describes the steps needed to migrate your application to the new authentication system.

We support authentication via OAuth 2.0's Client Credentials Flow, as defined in RFC 6749, section 4.4. Access tokens are granted as JSON Web Tokens (JWTs) as defined in RFC 7519.

In a Nutshell...

  1. Log in to the Ocrolus Dashboard and create an API credential, as described here
  2. Use your new credential to generate an access token, as described here (or here if you just want to play around in Postman).
  3. Provide your access token to all future API calls to Ocrolus.
  4. When the token expires, go to Step 2 and repeat.