The Credentials Grant authentication method involves a client application, associated with the integration, providing the necessary authentication credentials to access a user's resources. This flow is commonly used for private integrations, where the client application is tightly coupled with the integration and is responsible for securely managing the user's credentials. This approach allows the client application to directly authenticate with the authorization server and obtain an access token on behalf of the user, without requiring the user to interactively provide their credentials for each request.

Flow

1. Request for a token using your applications client_id and client_secret
2. Event Temple validates the client_id and client_secret
3. Event Temple responds with an access token
4. The application can use the access token to call the API for resources belonging to the user

Send request for an access token

To obtain an access token, you need to provide your application's credentials for an access_token. Send a POST request to Event Temple's token URL: https://api.eventtemple.com/oauth/token.

The body of the request contains the following JSON-encoded fields:

POST /oauth/token HTTP/1.1  
Content-Type: application/json

{
  "grant_type": "client_credentials",
  "client_id": "uVTumYkz_DvMqgPS-YFIzk2DozVg5BoaQVhZSGt4KPs",
  "client_secret": "pQLvHUnyhejIdYbqgo4SkPS__tX4bgp3y-6fjEINfF8",
  "scope": "crm_read crm_manage"
}

Making Requests with Access Token

Once you have obtained an access token, you can use it to make authenticated requests to the Event Temple API. Requests performed using this flow will return resources belonging to the user.

To make an authenticated request, you'll need to include the access token in the Authorization header of the request using the Bearer authentication scheme. Here's an example request using the curl command-line tool:

GET https://api.eventtemple.com/v2/bookings HTTP/1.1
Authorization: Bearer <access_token>
X-API-ORG: <api_org_id>