Authentication
Our APIs utilize the OAuth 2.0 framework for secure and seamless authentication. OAuth 2.0 provides various grant types to cater to different scenarios.
Here are the primary authentication endpoints that you can use to be authenticated before using any of our APIs
Client Credentials Grant
POST https://iam.ants.tech/oauth/token
The Client Credentials Grant API is designed for client applications to obtain an accessToken in the OAuth2.0 process before it could be able to make any other further requests to our APIs.
Headers
Content-Type*
String
application/x-www-form-urlencoded
Request Body
grant_type*
String
Fixed value: client_credentials
client_id*
String
Your provided app Client ID. For example, 26156a86-b739-4c6b-9de2-314228c3e6e5
client_secret*
String
Your provided app Client Secret. For example, ECOTBQNP44IFPCVMQNSZ
scope*
String
Your requested scope. Currently, our APIs support these 4 kinds of scope:
- item To access our BO data
- event To access our event data
- profileTo access our customer data
- promotionTo access our promotion data
You can request multiple scopes by separating them by a comma.
{
"accessToken": "5474r2x214z26484u2e4y4a403q5e4z5m4j4b403s526",
"accessTokenExpiresAt": "2023-08-10T12:41:57.643Z",
"scope": "item"
}{
"statusCode": 400,
"status": 400,
"code": 400,
"message": "Invalid scope: Requested scope is invalid",
"name": "invalid_scope"
}Last updated