Authenticating with Syncari Embed APIs

Varsha Neelesh
Varsha Neelesh
  • Updated

Syncari Embed uses token-based authentication. You'll use your Client ID and Client secret to make a request to the POST/oauth/token endpoint. Syncari responds with an access token to use for subsequent requests. You'll need to securely store the access_token and refresh_token in your app to include in the Authorization header parameter for all requests.

Tokens remain active for three hours. After three hours, the token must be refreshed.

 

Obtain an Access Token

Create a POST request to the OAuth/token endpoint where:

  • grant_type=client_credentials
  • client_id and client_secret are your API credentials.
  • Content-Type: application/x-www-form-urlencoded

 

Example Request

curl --location --request POST 'https://api.syncari.com/api/v1/oauth/token?grant_type=client_credentials&client_id=<Syncari Client ID>&client_secret=<Syncari Client Secret>' --header 'Content-Type: application/x-www-form-urlencoded'

Syncari returns a response containing a JSON object with the access token and additional data. Here's an example. Note that actual access tokens are longer than this example.

Example Response
{
 "access_token": "<Access token string>",
 "refresh_token": "<Refresh token string>",
 "token_type": "Bearer",
 "expires_in": 10800
}

The response includes these properties:

access_token — The token that grants access to Syncari APIs. Store this securely within your application to make subsequent calls to the Syncari Embed APIs.

refresh_token — The token that you can use to obtain new a new access_token and refresh_token.

token_type — The type of token. Syncari uses Bearer tokens.

expires_in — The period, in seconds, until the access token expires. Three hours.

Obtaining a Refresh Token

To obtain a refresh token, send a request to the POST/oauth/token endpoint with the previous refresh_token and your API credentials.

curl --location --request POST 'https://api.syncari.com/api/v1/oauth/token?grant_type=refresh_token&client_id=<Syncari Client ID>&client_secret=<Syncari Client SecretD>&refresh_token=<Refresh token from previous request' --header 'Content-Type: application/x-www-form-urlencoded'

The response includes a new access_token and refresh_token for storing securely in your app.

 

Example Response

{
"access_token": "<Access token string>",
"refresh_token": "<Refresh token string>",
"token_type": "Bearer",
"expires_in": 10800
}
Share this

Was this article helpful?

0 out of 0 found this helpful