OAuth 2.0 Client Credential Authentication
The Credentials Grant authentication method involves a client application, associated with the integration, providing the necessary authentication credentials to access a user's resources. This flow is commonly used for private integrations, where the client application is tightly coupled with the integration and is responsible for securely managing the user's credentials. This approach allows the client application to directly authenticate with the authorization server and obtain an access token on behalf of the user, without requiring the user to interactively provide their credentials for each request.
Flow
- Request for a token using your applications
client_id
andclient_secret
- Event Temple validates the client_id and client_secret
- Event Temple responds with an access token
- The application can use the access token to call the API for resources belonging to the user
Send request for an access token
To obtain an access token, you need to provide your application's credentials for an access_token
. Send a POST request to Event Temple's token URL: https://api.eventtemple.com/oauth/token.
The body of the request contains the following JSON-encoded fields:
client_id | An identifier for your integration, found in the integration settings |
client_secret | A secret for your integration, found in the integration settings |
grant_type | The string "client_credentials" |
scope | Provides a way to limit the amount of access that is granted to an access token. |
POST /oauth/token HTTP/1.1
Content-Type: application/json
{
"grant_type": "client_credentials",
"client_id": "uVTumYkz_DvMqgPS-YFIzk2DozVg5BoaQVhZSGt4KPs",
"client_secret": "pQLvHUnyhejIdYbqgo4SkPS__tX4bgp3y-6fjEINfF8",
"scope": "crm_read crm_manage"
}
Making Requests with Access Token
Once you have obtained an access token, you can use it to make authenticated requests to the Event Temple API. Requests performed using this flow will return resources belonging to the user.
To make an authenticated request, you'll need to include the access token in the Authorization header of the request using the Bearer authentication scheme. Here's an example request using the curl command-line tool:
GET https://api.eventtemple.com/v2/bookings HTTP/1.1
Authorization: Bearer <access_token>
X-API-ORG: <api_org_id>
Updated 8 months ago