Authenticating

To authenticate with the Caf Connect API, you must obtain an OAuth2 access token.

The client_id and client_secret are obtained from an application in the Caf.io Trust. See Applications for details.

Obtain OAuth2 access token

post

Obtain an access token using the client credentials grant type.

Body
grant_typestring · enumRequired

Grant type to use.

Example: client_credentialsPossible values:
client_idstringOptional

Client ID obtained from application.

Example: your_client_id_here
client_secretstringOptional

Client secret obtained from application.

Example: your_client_secret_here
Responses
200

Access token response

application/json
post
POST /oauth2/token HTTP/1.1
Host: api.us.prd.caf.io
Content-Type: application/x-www-form-urlencoded
Accept: */*
Content-Length: 89

"'grant_type=client_credentials&client_id=your_client_id&client_secret=your_client_secret'"
{
  "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.EkN-DOsnsuRjRO6BxXemmJDm3HbxrbRzXglbN2S4sOkopdU4IsDxTI8jO19W_A4K8ZPJijNLis4EZsHeY559a4DFOd50_OqgHs3wqrZdmxrjkgBF-yBYa7ULEqZV5B8fEVFsv-JOXOgVBB65PFhHhKWEZrFuEiN9JbkmfUWEhMfBZjKpPVuJCnKn1KvwHKFGKVJ8-SHOJDjV5Y4dRQqn-sxiSJsJbL0j1zKJVPJb8kqGhVQcOLG8RNu7nKkKKoMjV3JrJKvPdVT8J9wJKFk1kJo",
  "token_type": "Bearer",
  "expires_in": 3600
}

You can use environment variables or secret managers to securely store your credentials in production environments.

Last updated