Introduction

Using OAuth 2.0 is necessary for using the NetNow API. Authorization via OAuth 2.0 is a well-known and stable way to get fine-grained access to an API.

After registering the app, you have to add the necessary server-side logic to your app to establish the OAuth flow.

Client ID and Client Secret

A Client ID and Secret will be required to retrieve an access token. Please request a Client ID and Secret from Support if you currently do not have a Client ID and Secret.

curl -X POST \
    -u ${ID}:${SECRET} \
    -H "Cache-Control: no-cache" \
    -H "Content-Type: application/x-www-form-urlencoded" \
    -d "grant_type=client_credentials" \
    -d "scope=payments" \
    "https://{{DOMAIN}}/api/oauth/token/"

The response will be:

{
    "access_token": "PaZDOD5UwzbGOFsQr34LQ7JUYOj3yK",
    "expires_in": 36000,
    "token_type": "Bearer",
    "scope": "payments"
}

Using the Access Token

Once an Access Token is acquired, each additional request needs to contain this token in the Authorization header as follows:

curl -X POST \
    -H "Authorization: Bearer PaZDOD5UwzbGOFsQr34LQ7JUYOj3yK" \
    -H "Cache-Control: no-cache" \
    -H "Content-Type: application/x-www-form-urlencoded" \
    "https://{{DOMAIN}}/api/protected/"