This document explains how to authenticate against the Atelier API: Obtain Access Token using username and password.
Atelier Technology utilises OAuth2/OpenID Connect to authenticate users. To obtain an Access Token you need to provide e-mail and password to the following endpoint:
Endpoint URL: https://id.atelier.technology/connect/token
Request method: POST
Headers:
Content-Type = “application/x-www-form-urlencoded”
Request Body:
grant_type = “password”
resource = “api://enterprise”
username = “{{your_email}}”
password = “{{your_password}}”
Response example:
{
"token_type": "Bearer",
"access_token": "ACCESS_TOKEN",
"expires_in": 600
}
Obtain Access Token and Refresh Token using username and password:
For security reasons, Access Tokens are valid for only a short period of time, and for the purpose of not storing usernames & passwords in your application, we can provide you with a Refresh Token. The Refresh Token can then be used to obtain another short lived Access Token.
For more information about Refresh Tokens, see https://auth0.com/learn/refresh-tokens/
Endpoint URL: https://id.atelier.technology/connect/token
Request method: POST
Headers:
Content-Type = “application/x-www-form-urlencoded”
Request Body:
grant_type = “password”
resource = “api://enterprise”
username = “{{your_email}}”
password = “{{your_password}}”
scope = “offline_access”
Response example:
{
"token_type": "Bearer",
"access_token": "ACCESS_TOKEN",
"expires_in": 600,
"refresh_token": "REFRESH_TOKEN"
}
Obtain Access Token using Refresh Token
Access Token can also be obtained (refreshed) using Refresh Token
Endpoint URL: https://id.atelier.technology/connect/token
Request method: POST
Headers:
Content-Type = “application/x-www-form-urlencoded”
Request Body:
grant_type = “refresh_token”
resource = “api://enterprise”
refresh_token = “{{refresh_token}}”
Response example:
{
"scope": "offline_access",
"token_type": "Bearer",
"access_token": "ACCESS_TOKEN",
"expires_in": 600
}
Using the Access Token to call authenticated endpoints
Request Header:
Authorization = "Bearer {{ACCESS_TOKEN}}"