Convertr uses OAuth for it's API authentication. All end points (unless explicitly detailed) require an access_token to be passed through with each request. Tokens expire after 60minutes and need to either be refreshed or a new one generated.
| Info |
|---|
Beware that if your password is expired you will still receive an access token, but will receive the following error on any other API requests. You can see the status password_expired property which is returned along with your access token - if it’s true then you will need to reset your password. |
Requesting a token
Request:
Access Token
| Code Block | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||
POST /api/login HTTP/1.1
Host: {enterprise}.cvtr.io
Content-Type: application/x-www-form-urlencoded
username={your_email}&
password={your_password} |
Response:
Response
| Code Block | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||
{
"access_token": "YjJmYmExOGRhNjk5MzlmNDU1ZmM3OGI2ZjEwMTkwMTA0YzU3YmY4MzU4MjI3Yjg1Y2VlZDlkYmY0ZmRiOTg4MA",
"expires_in": 3600,
"token_type": "bearer",
"scope": null,
"refresh_token": "ZDRiZWViZDQxOGZmMWE4MDE5ODRjODNlOGUxOWQyZDRkNmZiYzZkNzU3ZGI2NGI2MTEwYTAzZmU5YzIxZTQ2Ng",
"client_id": "4_50bb9wpfmj8cwgw8kk8s848ck8s0gkc8wok0wogockwcdd88o8",
"client_secret": "zfiacn1uttcsogc0w4wocowgkk0socsggkoo88k8sskskws8gc",
"user_id": 123,
"password_expired": false
} |
You will then need to reference the access_token in all subsequent requests
...
using the Authorization header, with the application/json Content-Type
| Code Block |
|---|
--header 'Authorization: Bearer {YOUR_TOKEN}'
--header 'Content-Type: application/json' |