Authentication

The iAdvize authentication mechanism uses temporary tokens that have a 24-hour lifetime.

You can generate your own tokens with a user email & password.

Please note the following policy on authentication:

10 logins per minute per user
100 logins per minute per IP address

Create an Access Token

You have make a POST call on the following endpoint: https://api.iadvize.com/oauth2/token and send the following parameters:

Parameter

Description

Type

Mandatory

username

User email

String

Yes

password

User password

String

Yes

grant_type

Oauth2 grant type (only password is supported)

String

Yes

Please note that parameters must be sent as application/x-www-form-urlencoded

Examples:

curl  --request POST \
      --url https://api.iadvize.com/oauth2/token \
      --data "username={EMAIL}&password={PASSWORD}&grant_type=password"

const axios = require('axios');
const querystring = require('querystring');

const authEndpoint = 'https://api.iadvize.com/oauth2/token';
const username = 'YOUR_IADVIZE_USER_EMAIL';
const password = 'YOUR_PASSWORD'

axios
  .post(
    authEndpoint,
    querystring.stringify({
      grant_type: 'password',
      username,
      password
    })
  )
  .then(function (response) {
    console.log(response);
  });

Response (example):

{
    "access_token": "BMU9FSlOV.....UU0UVRPUSJ9.9yZCIsInBl....cm1pc3Npb0.xw3blsLI8gujt....JPX5U8v24o1gUsg",
    "expires_in": 86400,
    "token_type": "Bearer",
    "refresh_token": "none"
}

Authenticate your API calls

To authenticate an API call just pass the access token in an authorization header.

curl  --request POST \
      --url https://api.iadvize.com/graphql \
      --header "Content-Type: application/json" \
      --header "Authorization: Bearer {YOUR_ACCESS_TOKEN}" \
      --data "YOUR_QUERY"

Check the validity of an access_token

You can verify token validity with the authenticated route below.

curl  --request GET \
      --url https://api.iadvize.com/_authenticated \
      --header "Authorization: Bearer {YOUR_ACCESS_TOKEN}"

If your token is valid, you will receive a response that looks like this:

{
  "authenticated": true
}

If your token is expired or invalid, you will receive the following response:

{
  "error_description": "access token not valid",
  "error": "invalid_token"
}

PreviousReference NextSchema lifecycle

Last updated 1 year ago

hashtagCreate an Access Token

hashtagResponse (example):

hashtagAuthenticate your API calls

hashtagCheck the validity of an access_token

Create an Access Token

Response (example):

Authenticate your API calls

Check the validity of an access_token