Skip to content

Authentication

Tip

This tutorial will help you call your API using the Client Credentials Flow, where your Client ID and Client Secret are exchanged for a token, which is then used to authorize requests.

In order to make an authenticated call to the API, you must include your access token with the call. OAuth2 uses a BEARER token that is passed along in an Authorization header with each request.

Prerequisites

Before beginning this tutorial:

Steps

  1. Request a Token: Request an Access Token for your API.
  2. Call your API: Use the retrieved Access Token to call your API.

Request a Token

To access your API, you must request an Access Token for it. To do so, you will need to POST to the token URL.

We'll be using the Client Credentials flow, where your Client ID and Client Secret are exchanged for a token. That token is then used to authorize requests.

Example POST to token URL

1
2
3
4
5
6
7
curl --request POST \
  --url 'https://TENANT_ID.REGION.api.wyzed.com/api/v1/oauth/token' \
  --header 'content-type: application/json' \
  --header 'accept: application/json' \
  --data grant_type=client_credentials \
  --data 'client_id=CLIENT_ID' \
  --data client_secret=CLIENT_SECRET
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
import requests


url = 'https://{TENANT_ID}.{REGION}.api.wyzed.com/api/v1/oauth/token'

headers = {
  'Content-Type': 'application/json',
  'Accept': 'application/json'
}

payload = {
  'client_id': CLIENT_ID,
  'client_secret': CLIENT_SECRET
}

r = requests.post(url, headers=headers, json=payload)

print(r.json())

Parameters

Parameter Name Description
grant_type Set this to "client_credentials".
client_id Your integration's Client ID. You receive this value when installing the Wyzed API integration.
client_secret Your integration's Client Secret. You receive this value when installing the Wyzed API integration.

Response

If all goes well, you'll receive an HTTP 200 response with a payload containing access_token, token_type, and expires_in values:

1
2
3
4
5
6
{
 "access_token": "eyJz93a...k4laUWw",
 "aud": "https://TENANT_ID.REGION.api.wyzed.com",
 "token_type": "Bearer",
 "expires_in": 300
}

Call your API

To call your API the application must pass the retrieved Access Token as a Bearer token in the Authorization header of your HTTP request.

This example sends a request to the /oauth/me endpoint.

1
2
3
4
5
curl --request GET \
  --url 'https://TENANT_ID.REGION.api.wyzed.com/api/v1/oauth/me' \
  --header 'content-type: application/json' \
  --header 'accept: application/json' \
  --header 'authorization: Bearer ACCESS_TOKEN'
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
import requests

url = 'https://{TENANT_ID}.{REGION}.api.wyzed.com/api/v1/oauth/me'

headers = {
  'Content-Type': 'application/json',
  'Accept': 'application/json',
  'Authorization': MY_ACCESS_TOKEN
}

r = requests.get(url, headers=headers)

print(r.json())

Next Steps