Developer Platform
  • Home
  • Getting Started
    • General Information
    • Features Overview
    • Security
  • APPs
    • Public Apps
      • Shopify
      • Salesforce
      • Zendesk
      • Google Analytics
    • Build your App
      • Getting started
      • My Apps
      • App information
      • App Parameters
      • App Plugins
      • Add Webhooks
      • Submit your Apps
      • App security
      • Developer Policy
  • Use Cases
    • Copilots
      • Product Catalog sync through API
      • FAQ sync through API
    • Visitor experience
      • Integrating custom buttons into your site
      • Check availability before escalating to iAdvize
      • Authenticated Messaging
        • Introduction
        • Web client-side implementation
          • Authenticated Messaging overview
          • Brief timeline of the integration process
          • How to enable authenticated mode in the administration portal?
          • How to implement the customer authentication backend (token provider)?
          • How to authenticate with iAdvize in client's website?
          • How to deal with activation success or failure?
          • How to logout?
          • Compatibility with Mobile SDK
          • FAQ
        • Web backend implementation
          • Important information and recommendations
          • Signature and Encryption Detailed Process
          • Technical backend implementation
          • FAQ
      • Cross-domain Conversation Continuity
      • Customize replies with Markdown
    • Agent workspace
      • Custom App example and step-by-step tutorial
        • Get Started
        • Work with the Desk
        • Intent / Trigger
        • JWT
        • References
    • Administration
      • Users
        • SAML SSO Authentication - Implementation Guide
        • Create, update and delete users via API
        • Manage the availability of your users with the iAdvize API
        • Integrate the iAdvize conversation panel into an existing tool
    • Data & Analytics
      • Anonymize a conversation or visitor data
      • Create a custom dashboard
      • Find contact data using GraphQL
      • Retrieve conversations data
      • Retrieve messages exchanged within a conversation
  • Technologies
    • GraphQL API
      • Terminology
      • Reference
      • Authentication
      • Schema lifecycle
      • Error Management
      • Pagination
    • REST API (deprecated)
      • Statistic (deprecated)
      • Group (deprecated)
      • Call meeting (deprecated)
      • Operator (deprecated)
      • Skill (deprecated)
      • Transaction (deprecated)
      • Visitor (deprecated)
    • Webhooks
      • Reference
      • Guides
    • Desk events
      • Reference
    • Web & Mobile SDK
      • Javascript Web SDK
        • Reference
      • Javascript Callbacks
        • Reference
        • Guides
      • Mobile SDK
        • Fourme (latest)
        • Epoisses
        • Dauphin
        • Cantal
        • 🤝Support Policy
        • 🤔Frequently Asked Questions
    • Custom App
    • External Bot
      • Implementation
        • Configuration flow
        • Conversation flow
        • Conversation objects
      • Configuration
      • FAQ
      • Best practices
Powered by GitBook
On this page
  • Create an Access Token
  • Authenticate your API calls
  • Check the validity of an access_token

Was this helpful?

  1. Technologies
  2. GraphQL API

Authentication

The iAdvize authentication mechanism uses temporary tokens that have a 24-hour lifetime.

You can generate your own tokens with a user email & password.

Please note the following policy on authentication:

  • 10 logins per minute per user

  • 100 logins per minute per IP address

Create an Access Token

You have make a POST call on the following endpoint: https://api.iadvize.com/oauth2/token and send the following parameters:

Parameter

Description

Type

Mandatory

username

User email

String

Yes

password

User password

String

Yes

grant_type

Oauth2 grant type (only password is supported)

String

Yes

Please note that parameters must be sent as application/x-www-form-urlencoded

Examples:

curl  --request POST \
      --url https://api.iadvize.com/oauth2/token \
      --data "username={EMAIL}&password={PASSWORD}&grant_type=password"
const axios = require('axios');
const querystring = require('querystring');

const authEndpoint = 'https://api.iadvize.com/oauth2/token';
const username = 'YOUR_IADVIZE_USER_EMAIL';
const password = 'YOUR_PASSWORD'

axios
  .post(
    authEndpoint,
    querystring.stringify({
      grant_type: 'password',
      username,
      password
    })
  )
  .then(function (response) {
    console.log(response);
  });

Response (example):

{
    "access_token": "BMU9FSlOV.....UU0UVRPUSJ9.9yZCIsInBl....cm1pc3Npb0.xw3blsLI8gujt....JPX5U8v24o1gUsg",
    "expires_in": 86400,
    "token_type": "Bearer",
    "refresh_token": "none"
}

Authenticate your API calls

To authenticate an API call just pass the access token in an authorization header.

curl  --request POST \
      --url https://api.iadvize.com/graphql \
      --header "Content-Type: application/json" \
      --header "Authorization: Bearer {YOUR_ACCESS_TOKEN}" \
      --data "YOUR_QUERY"

Check the validity of an access_token

You can verify token validity with the authenticated route below.

curl  --request GET \
      --url https://api.iadvize.com/_authenticated \
      --header "Authorization: Bearer {YOUR_ACCESS_TOKEN}"

If your token is valid, you will receive a response that looks like this:

{
  "authenticated": true
}

If your token is expired or invalid, you will receive the following response:

{
  "error_description": "access token not valid",
  "error": "invalid_token"
}
PreviousReferenceNextSchema lifecycle

Last updated 1 year ago

Was this helpful?