Ana içeriğe atla

Overview

The Authentication API provides endpoints for obtaining Personal API Access Tokens, which are required for accessing all other Management API endpoints.

Authentication

The token creation endpoint does not require authentication. However, you must provide valid Apinizer credentials (username and password) to obtain a token.

Token Usage

Once you have obtained a token, include it in the Authorization header of all subsequent API requests: 
Authorization: Bearer YOUR_TOKEN

Create Token

Endpoint

POST /apiops/auth/token

Request

Headers

HeaderValueRequired
Content-Typeapplication/x-www-form-urlencodedYes
Acceptapplication/jsonNo

Request Body (URL Encoded)

The request body must be sent as application/x-www-form-urlencoded (not JSON).
ParameterTypeRequiredDescription
grant_typestringYesMust be client_credentials
client_idstringYesYour Apinizer username
client_secretstringYesYour Apinizer password

Full Request Body Example

grant_type=client_credentials&client_id=your_username&client_secret=your_password

Response

Success Response (200 OK)

{
  "access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c",
  "token_type": "Bearer",
  "expires_in": 3600
}
Response Fields
FieldTypeDescription
access_tokenstringThe Personal API Access Token to use for authentication
token_typestringAlways Bearer
expires_inintegerToken expiration time in seconds (if applicable)

Error Response (400 Bad Request)

{
  "error": "unsupported_grant_type",
  "error_description": "GrantType value must be client_credentials!"
}
Cause: The grant_type parameter is not client_credentials.

Error Response (401 Unauthorized)

{
  "error": "unauthorized_client",
  "error_description": "Bad credentials"
}
Causes
  • Invalid username or password
  • Account is disabled or locked
  • Credentials are incorrect

Error Response (500 Internal Server Error)

{
  "error": "server_error",
  "error_description": "An unexpected error occurred"
}

cURL Example

curl -X POST \
  "https://demo.apinizer.com/apiops/auth/token" \
  -H "Content-Type: application/x-www-form-urlencoded" \
  -H "Accept: application/json" \
  -d "grant_type=client_credentials&client_id=your_username&client_secret=your_password"

Full JSON Body Example

This endpoint uses application/x-www-form-urlencoded format, not JSON. The example below shows the equivalent data structure:
{
  "grant_type": "client_credentials",
  "client_id": "your_username",
  "client_secret": "your_password"
}
Important: When making the actual request, send this data as URL-encoded form data, not as JSON.

Notes and Warnings

  • Security: Never commit credentials or tokens to version control
  • Token Storage: Store tokens securely (use environment variables or secret management)
  • Token Expiration: Tokens may expire based on configuration. Check expires_in field
  • Token Format: Always use Bearer prefix when including token in Authorization header
  • Content-Type: This endpoint requires application/x-www-form-urlencoded, not application/json