Authentication

The iAdvize authentication mechanism uses temporary tokens that have a 24-hour lifetime.

You can generate your own tokens with a user email & password.

Please note the following policy on authentication:

  • 10 logins per minute per user

  • 100 logins per minute per IP address

Create an Access Token

You have make a POST call on the following endpoint: https://api.iadvize.com/oauth2/token and send the following parameters:

Parameter

Description

Type

Mandatory

username

User email

String

Yes

password

User password

String

Yes

grant_type

Oauth2 grant type (only password is supported)

String

Yes

Please note that parameters must be sent as application/x-www-form-urlencoded

Examples:

curl  --request POST \
      --url https://api.iadvize.com/oauth2/token \
      --data "username={EMAIL}&password={PASSWORD}&grant_type=password"

Response (example):

{
    "access_token": "BMU9FSlOV.....UU0UVRPUSJ9.9yZCIsInBl....cm1pc3Npb0.xw3blsLI8gujt....JPX5U8v24o1gUsg",
    "expires_in": 86400,
    "token_type": "Bearer",
    "refresh_token": "none"
}

Authenticate your API calls

To authenticate an API call just pass the access token in an authorization header.

curl  --request POST \
      --url https://api.iadvize.com/graphql \
      --header "Content-Type: application/json" \
      --header "Authorization: Bearer {YOUR_ACCESS_TOKEN}" \
      --data "YOUR_QUERY"

Check the validity of an access_token

You can verify token validity with the authenticated route below.

curl  --request GET \
      --url https://api.iadvize.com/_authenticated \
      --header "Authorization: Bearer {YOUR_ACCESS_TOKEN}"

If your token is valid, you will receive a response that looks like this:

{
  "authenticated": true
}

If your token is expired or invalid, you will receive the following response:

{
  "error_description": "access token not valid",
  "error": "invalid_token"
}
PreviousReferenceNextSchema lifecycle

Last updated