Authentication

This document explains how to authenticate against the Atelier API.

Obtain Access Token using username and password:


Atelier Technology utilises OAuth2/OpenID Connect to authenticate users.
To obtain an Access Token, send your e-mail and password to the following endpoint:

Endpoint URL: https://id.atelier.technology/connect/token

Request method: POST


Headers:

Content-Type = "application/x-www-form-urlencoded"


Request Body:

grant_type = "password"
resource = "api://enterprise"
username = "{{your_email}}"
password = "{{your_password}}"


Response example:

{
  "token_type": "Bearer",
  "access_token": "ACCESS_TOKEN",
  "expires_in": 600
}


Obtain Access Token and Refresh Token using username and password:


For security reasons, Access Tokens are valid for only a short period of time. So that your application does not have to store usernames and passwords, we can provide you with a Refresh Token. The Refresh Token can then be used to obtain another short-lived Access Token.

For more information about Refresh Tokens, see https://auth0.com/learn/refresh-tokens/

Endpoint URL: https://id.atelier.technology/connect/token


Request method: POST

Headers:

Content-Type = "application/x-www-form-urlencoded"


Request Body:

grant_type = "password"
resource = "api://enterprise"
username = "{{your_email}}"
password = "{{your_password}}"
scope = "offline_access"


Response example:

{
  "token_type": "Bearer",
  "access_token": "ACCESS_TOKEN",
  "expires_in": 600,
  "refresh_token": "REFRESH_TOKEN"
}


Obtain Access Token using Refresh Token:

An Access Token can also be obtained (refreshed) using a Refresh Token.

Endpoint URL: https://id.atelier.technology/connect/token


Request method: POST

Headers:

Content-Type = "application/x-www-form-urlencoded"


Request Body:

grant_type = "refresh_token"
resource = "api://enterprise"
refresh_token = "{{refresh_token}}"


Response example:

{
  "scope": "offline_access",
  "token_type": "Bearer",
  "access_token": "ACCESS_TOKEN",
  "expires_in": 600
}


Using the Access Token to call authenticated endpoints:


Request Header:

Authorization = "Bearer {{ACCESS_TOKEN}}"
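
The three requests above combined into one client, as an added example that is not Atelier's own code: the password is used once at login and never stored, and the Access Token is renewed with the Refresh Token shortly before expires_in runs out. The names TokenSession, post_form and the 30-second skew are assumptions made for this example; only the endpoint URL, field names and values come from this page.

```python
import json
import time
import urllib.parse
import urllib.request

TOKEN_URL = "https://id.atelier.technology/connect/token"  # from this page
RESOURCE = "api://enterprise"                              # from this page

def post_form(url, fields):
    """Default transport: POST url-encoded fields, return the parsed JSON body."""
    req = urllib.request.Request(
        url, data=urllib.parse.urlencode(fields).encode(), method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

class TokenSession:
    """Hypothetical helper: holds tokens in memory only, never the password."""

    def __init__(self, transport=post_form, clock=time.monotonic, skew=30):
        self._post, self._now, self._skew = transport, clock, skew
        self._access = self._refresh = None
        self._expires_at = 0.0

    def _store(self, body):
        self._access = body["access_token"]
        # The refresh response shown on the page carries no refresh_token, so
        # keep the current one unless the server sends a replacement (assumption).
        self._refresh = body.get("refresh_token", self._refresh)
        # Treat the token as expired `skew` seconds early to absorb latency.
        self._expires_at = self._now() + body["expires_in"] - self._skew

    def login(self, email, password):
        """Password grant with scope=offline_access; credentials are not kept."""
        self._store(self._post(TOKEN_URL, {
            "grant_type": "password", "resource": RESOURCE,
            "username": email, "password": password,
            "scope": "offline_access"}))

    def auth_header(self):
        """Return the Authorization header, refreshing the token if it is stale."""
        if self._refresh is None:
            raise RuntimeError("no refresh token: call login() first")
        if self._now() >= self._expires_at:
            self._store(self._post(TOKEN_URL, {
                "grant_type": "refresh_token", "resource": RESOURCE,
                "refresh_token": self._refresh}))
        return {"Authorization": "Bearer " + self._access}
```

Pass a different transport to route the token requests through your own HTTP stack; the session object is the only place the Refresh Token lives, so keep it out of logs and serialized state.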