Authentication and Authorization
Bits uses the OAuth 2.0 protocol. The customer must create API credentials (client ID and secret) in the Bits Dashboard's Developer Page. The credentials are used to create OAuth access tokens.
See below for instructions on how to generate an access token.
Generate OAuth access token
The access token is generated from POST /v1/oauth2/token using your API credentials. You can find your API credentials in Bits Dashboard's Developer Page.
Authentication is performed by including an Authorization header with the value Basic {credentials} in the request. The credentials are a base64 encoded string of the clientId and clientSecret separated by a colon (:).
Pass grant type client_credentials in the request body to generate an access token.
The access token is a bearer token, and the holder of the token is authorized to create applications and read application data. The token can be used to create and/or read multiple applications until it expires. The token is valid for 1 hour. After that, the client must generate a new token using the API credentials.
Request
POST /v1/oauth2/token HTTP/1.1
Authorization: Basic <base64({clientId:clientSecret})>
Content-Type: application/x-www-form-urlencoded

grant_type=client_credentials
Property | Type | Description |
---|---|---|
grant_type | string | (Required) The only grant type currently available is client_credentials. See the Available Grant types table. |
Response
{
"type": "Bearer",
"access_token": "<access_token>",
"expires_in": 3600,
"scope": "application"
}
Property | Type | Description |
---|---|---|
type | string | Specifies which type the access token is. |
access_token | string | The access token string is used to authorize API requests. |
expires_in | integer | Specifies the duration of time in seconds the access token is valid. |
scope | string | Specifies which scopes the access token has been granted. |
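An added example, not part of the Bits documentation or any Bits SDK: one way a Python client could build the token request described above and reuse the bearer token until shortly before expires_in elapses, so the client secret is sent once per hour rather than once per call. The host in BASE_URL is a placeholder (the page does not give one); TokenCache, its transport and clock parameters, and the 60-second skew are assumptions made for illustration.

```python
import base64
import json
import time
import urllib.parse
import urllib.request

BASE_URL = "https://api.example.invalid"  # placeholder: the page does not state the API host


def build_token_request(client_id, client_secret, base_url=BASE_URL):
    """Build POST /v1/oauth2/token with the Basic {credentials} header."""
    credentials = base64.b64encode(f"{client_id}:{client_secret}".encode()).decode()
    body = urllib.parse.urlencode({"grant_type": "client_credentials"}).encode()
    return urllib.request.Request(
        f"{base_url}/v1/oauth2/token", data=body, method="POST",
        headers={"Authorization": f"Basic {credentials}",
                 "Content-Type": "application/x-www-form-urlencoded"})


def send(request):
    """Default transport: performs the HTTPS call and returns the decoded JSON body."""
    with urllib.request.urlopen(request, timeout=10) as response:
        return json.load(response)


class TokenCache:
    """Hypothetical helper: keep one bearer token until just before it expires."""

    def __init__(self, client_id, client_secret, transport=send,
                 clock=time.monotonic, skew=60):
        self._id, self._secret = client_id, client_secret
        self._transport, self._clock, self._skew = transport, clock, skew
        self._token, self._expires_at = None, 0.0

    def get(self):
        # Refresh only when there is no token or it is within `skew` seconds of expiry.
        if self._token is None or self._clock() >= self._expires_at:
            reply = self._transport(build_token_request(self._id, self._secret))
            if reply.get("type", "").lower() != "bearer" or not reply.get("access_token"):
                raise ValueError("unexpected token response")
            self._token = reply["access_token"]
            self._expires_at = self._clock() + int(reply["expires_in"]) - self._skew
        return self._token

    def auth_header(self):
        """Header to attach to API requests; the token itself is never logged here."""
        return {"Authorization": f"Bearer {self.get()}"}
```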
Retrieve token owner information
Use this endpoint to retrieve information about the user associated with the token.
Request
GET /oauth2/userinfo HTTP/1.1
Authorization: bearer <accessToken>
Response
Property | Type | Description |
---|---|---|
customerId | string | Specifies the identity of the customer. |
{
"customerId": "bits:customer::e0d429f2-635b-418c-8b74-4a554f82c0bc"
}
Available scopes
Scope | Required claims | Description |
---|---|---|
application | | This scope will grant access to create applications and read application data. |
application.read | | This scope will grant access to read application data. |
application.session | application_id, workflow_id, redirect_url | This scope will grant access to execute an application flow and is limited to the specific application given in the application_id claim. |
Available Grant types
Grant Type | Description |
---|---|
client_credentials | This grant type will grant application access to the client's resources. |