Authentication

Our APIs utilize the OAuth 2.0 framework for secure and seamless authentication. OAuth 2.0 provides various grant types to cater to different scenarios.

Here are the primary authentication endpoints that you can use to be authenticated before using any of our APIs

Client Credentials Grant

POST https://iam.ants.tech/oauth/token

The Client Credentials Grant API is designed for client applications to obtain an accessToken in the OAuth2.0 process before it could be able to make any other further requests to our APIs.

Headers

Name

Type

Description

Content-Type*

String

application/x-www-form-urlencoded

Request Body

Name

Type

Description

grant_type*

String

Fixed value: client_credentials

client_id*

String

Your provided app Client ID. For example, 26156a86-b739-4c6b-9de2-314228c3e6e5

client_secret*

String

Your provided app Client Secret. For example, ECOTBQNP44IFPCVMQNSZ

scope*

String

Your requested scope. Currently, our APIs support these 4 kinds of scope:

- item To access our BO data

- event To access our event data

- profileTo access our customer data

- promotionTo access our promotion data

You can request multiple scopes by separating them by a comma.

{
    "accessToken": "5474r2x214z26484u2e4y4a403q5e4z5m4j4b403s526",
    "accessTokenExpiresAt": "2023-08-10T12:41:57.643Z",
    "scope": "item"
}

{
    "statusCode": 400,
    "status": 400,
    "code": 400,
    "message": "Invalid scope: Requested scope is invalid",
    "name": "invalid_scope"
}

PreviousPrerequisites NextProfile API

Last updated 2 months ago