Authentication

To securely access and use the API, each request must be authorized. Authentication is done via a standard OAuth 2.0 Client Credentials Flow, using the Client ID and Client Secret provided by maib.

Main steps of authentication:

Obtaining the access token (Access Token): The client application sends a POST request to the /v2/auth/token endpoint, providing the clientId and clientSecret.
Receiving the token: If the credentials are correct, the response will contain:

accessToken: a JWT (JSON Web Token) required for authorizing subsequent requests.
expiresIn: token lifetime in seconds (e.g., 300 seconds = 5 minutes).
tokenType: usually Bearer.

Using the token in requests: For every call to other API endpoints, the token must be included in the HTTP Authorization header in the format:

Authorization: {tokenType} {access_token}

Token renewal: After the accessToken expires, the client must repeat step 1 to obtain a new token.

PreviousEndpoints NextObtain authentication token

Last updated 2 days ago