Authentication

Ondato APIs use OAuth2 Access Tokens to authenticate each request.
To obtain Access Token - a post request must be done to our authorization server URL:
- Production: https://id.ondato.com/connect/token
- Sandbox: https://sandbox-id.ondato.com/connect/token
Request to the authorization server must use 'Content-Type: application/x-www-form-urlencoded' header and has to contain the following information in the body:

Key	Value	Description

Key	Value	Description
`client_id`	<client_id>	Your ID that will be provided by Ondato.
`client_secret`	<secret>	Your secret that will be provided by Ondato.
`grant_type`	client_credentials	Machine-to-machine grant flow.
`scope`	<reqested_scopes_separated_by_space>	Access to requested resources. This is an optional parameter: If the scope is not defined, then the token is created with all available scopes for the client_id.

Discovery endpoint: https://id.ondato.com/.well-known/openid-configuration.

Example:

Authentication request example (production)

For in-depth reference see specification about authorization request and response.

curl --location --request POST 'https://id.ondato.com/connect/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'client_id=client_id_that_only_you_know' \
--data-urlencode 'client_secret=secret_that_only_you_know' \