Roaring logo
Log in

Authentication

All requests towards the API's require authentication. This is achieved by using the Consumer key and Consumer secret received from the developer site and calling the token service:

Use the following example to generate an access token using the client_credentials grant type.

Base64(consumer-key:consumer-secret) is a placeholder for the actual base64 encoded version of the string "consumer-key" + ":" + "consumer-secret".

Example Requests

curl request

curl -k -d "grant_type=client_credentials" \
				    -H "Authorization: Basic Base64(consumer-key:consumer-secret)" \
				     https://api.roaring.io/token

csharp request

var client = new RestClient("https://api.roaring.io/token");
var request = new RestRequest(Method.POST);
request.AddHeader("cache-control", "no-cache");
request.AddHeader("content-type", "application/x-www-form-urlencoded");
request.AddHeader("authorization", "Basic Base64(consumer-key:consumer-secret)");
request.AddParameter("application/x-www-form-urlencoded", "grant_type=client_credentials", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);

java request

OkHttpClient client = new OkHttpClient();
MediaType mediaType = MediaType.parse("application/x-www-form-urlencoded");
RequestBody body = RequestBody.create(mediaType, "grant_type=client_credentials");
Request request = new Request.Builder()
  .url("https://api.roaring.io/token")
  .post(body)
  .addHeader("authorization", "Basic Base64(consumer-key:consumer-secret)")
  .addHeader("content-type", "application/x-www-form-urlencoded")
  .addHeader("cache-control", "no-cache")
  .build();

Response response = client.newCall(request).execute();

php request

<?php

$request = new HttpRequest();
$request->setUrl('https://api.roaring.io/token');
$request->setMethod(HTTP_METH_POST);

$request->setHeaders(array(
  'Cache-Control' => 'no-cache',
  'Content-Type' => 'application/x-www-form-urlencoded',
  'authorization' => 'Basic Base64(consumer-key:consumer-secret)'
));

$request->setContentType('application/x-www-form-urlencoded');
$request->setPostFields(array(
  'scope' => 'PRODUCTION',
  'grant_type' => 'client_credentials'
));

try {
  $response = $request->send();

  echo $response->getBody();
} catch (HttpException $ex) {
  echo $ex;
}

The examples shown above will return an OAuth token with a validity time of 3600 seconds, a response example:

OAUTH Token Example Response

{
   "access_token": "d4c7d9a8-eb5f-34fb-b7b6-2acaad1cdd86",
   "scope": "am_application_scope default",
   "token_type": "Bearer",
   "expires_in": 3600
}

The access_token received must then be used when calling the API by sending it in the request (Authorization) header:

Authorization : Bearer e6a59442-h1s5-31da-8032-0b0ba88a1y04