Authentication

Owned by
Priit Aavik
Last updated: Jun 17, 2024 by
Priit Aavik
1 min read

  • Ondato APIs use OAuth2 Access Tokens to authenticate each request.

  • To obtain Access Token - a post request must be done to our authorization server URL:

  • Request to the authorization server must use 'Content-Type: application/x-www-form-urlencoded' header and has to contain the following information in the body:

Key

Value

Description

Key

Value

Description

client_id

<client_id>

Your ID that will be provided by Ondato.

client_secret

<secret>

Your secret that will be provided by Ondato.

grant_type

client_credentials

Machine-to-machine grant flow.

scope

<reqested_scopes_separated_by_space>

Access to requested resources.

This is an optional parameter:
If the scope is not defined, then the token is created with all available scopes for the client_id.

Discovery endpoint: https://id.ondato.com/.well-known/openid-configuration.

Example:

Screenshot 2024-03-04 at 15.11.27.png

Authentication request example (production)

For in-depth reference see specification about authorization request and response.

curl --location --request POST 'https://id.ondato.com/connect/token' \ --header 'Content-Type: application/x-www-form-urlencoded' \ --data-urlencode 'grant_type=client_credentials' \ --data-urlencode 'client_id=client_id_that_only_you_know' \ --data-urlencode 'client_secret=secret_that_only_you_know' \