When using dedicated API user credentials post a request to /access/grant.

Obtaining an Access Token POST

The request should look like this:


$pest = new Pest($url);
$query = array(
'grant_type' => 'password',
'username' => 'user_username',
'password' => 'user_password',
'client_id' => 'client_id',
'client_secret' => 'your_client_secret',
'redirect_uri' => '',
);

$res = $pest->post("/access/grant", $query);

 

Parameter Type Description
grant_type string Use ‘password’ to obtain an acccess token based on user credentials
username string API username
password string API password
client_id string Your application’s unique identifier
client_secret string Your application’s secret

 

A typical response would be:


{
"access_token":"19cf44ee2a2af6c0395c49bf075cc483372c0cfa",
"expires_in":3600,
"token_type":"bearer",
"scope":null,
"refresh_token":"4ce81ca63fa413b9fc4c9798a7ff4063b10af480"
}

The access token will expire in 3600 seconds (1 hour). After this you can either post a new login request or use the refresh token (expires in 14 days) to obtain a new access token.

Using the access token GET

Make an example request to /access/token?access_token=19cf44ee2a2af6c0395c49bf075cc483372c0cfa.


{
  "token": {
    "access_token": "19cf44ee2a2af480395c49bf075cc483372c0cfa",
    "client_id": "your_client_id",
    "user_id": "1492",
    "expires": 1382603526,
    "scope": null
  }
}

Explore other resources in our API Explorer

 

Using the refresh token POST

The refresh token lets you get a new access token, with every request a new refresh token is issued as well and the expiration is reset to 14 days.


$pest = new Pest($url);
$query = array(
            'grant_type' => 'refresh_token',
            'refresh_token' => 'refresh_token',
            'client_id' => 'client_id',
            'client_secret' => 'your_client_secret',
            'redirect_uri' => 'https://example.com/oauth_authorize.php',
        );
$res = $pest->post("/access/grant", $query);