Authenticating

To authenticate with the Caf Connect API, you must obtain an OAuth2 access token.

The client_id and client_secret are obtained from an application in the Caf.io Trust. See Applications for details.

Obtain OAuth2 access token

post

Obtain an access token using the client credentials grant type.

Body

grant_typestring · enumRequired

Grant type to use.

Example: client_credentialsPossible values:

client_idstringOptional

Client ID obtained from application.

Example: your_client_id_here

client_secretstringOptional

Client secret obtained from application.

Example: your_client_secret_here

Responses

200

Access token response

application/json

400

Invalid request

application/json

401

Invalid client credentials or refresh token

application/json

post

POST /oauth2/token HTTP/1.1
Host: api.us.prd.caf.io
Content-Type: application/x-www-form-urlencoded
Accept: */*
Content-Length: 89

"'grant_type=client_credentials&client_id=your_client_id&client_secret=your_client_secret'"

{
  "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.EkN-DOsnsuRjRO6BxXemmJDm3HbxrbRzXglbN2S4sOkopdU4IsDxTI8jO19W_A4K8ZPJijNLis4EZsHeY559a4DFOd50_OqgHs3wqrZdmxrjkgBF-yBYa7ULEqZV5B8fEVFsv-JOXOgVBB65PFhHhKWEZrFuEiN9JbkmfUWEhMfBZjKpPVuJCnKn1KvwHKFGKVJ8-SHOJDjV5Y4dRQqn-sxiSJsJbL0j1zKJVPJb8kqGhVQcOLG8RNu7nKkKKoMjV3JrJKvPdVT8J9wJKFk1kJo",
  "token_type": "Bearer",
  "expires_in": 3600
}

You can use environment variables or secret managers to securely store your credentials in production environments.

Last updated 3 days ago