At Authenticx, we use the OAuth 2.0 protocol to authenticate incoming requests to our API. This means that you will first need to get an access token before you can start requesting, creating, or updating resources via our API. To get your access token you will need to have your client id as well as your client secret which should have been provided to you during on-boarding.

Command Line

Curl Command

Production:

curl -d "client_id=<your-client-id-here>&client_secret=<your-client-secret-here>&grant_type=client_credentials&scope=acxapi" \
	-X POST https://api.beauthenticx.com/connect/token

Staging:

curl -d "client_id=<your-client-id-here>&client_secret=<your-client-secret-here>&grant_type=client_credentials&scope=acxapi" \
	-X POST https://api.authcx.com/connect/token

Expected Response

{
  "access_token": "******************************************",
  "token_type": "Bearer",
  "expires_in": 3600,
  "scope": "acxapi"
}

🚧

Access Token Expiry

Access tokens expire after 1 hour so you will need to refresh them often!

We also accept the client id and client secret through the Authorization header with the Basic auth scheme. If you are unfamiliar with this method we will explain. First, you should encode the following string <client-id>:<client-secret> using base64 encoding. Then set the Authorization header to Basic <encoded-string>. You will still need to provide the grant type and scope in the request body with content-type application/x-www-form-urlencoded.

Authenticx API

Below are recipes in a few different languages that go over how you can generate an access token via the Authenticx API: