# Authentication
All API endpoints require OAuth authorisation.
# Obtaining an Access Token
To obtain an access token:
Send a
POSTrequest to the following token endpoint:[Netomnia Base URL]/IdentityModule/v1.0/oauth/tokenUse Basic Authentication for this request:
- Username: Your provided OAuth Client ID
- Password: Your provided OAuth Client Secret
Example cURL Request:
curl --location --request POST 'https://sandbox.netomnia-wholesale.substantial.group/IdentityModule/v1.0/oauth/token' \
--header 'Authorization: Basic <Base64 encoded username and password>'
Example Successful Response:
{
"access_token": "ey23rhbGciOiJI...",
"token_type": "Bearer",
"scope": "default",
"expires_in": 3600
}
Use this access_token as a Bearer token in the Authorization header for all subsequent API requests:
Authorization: Bearer <access_token>
Replace <access_token> with the value returned from the token endpoint.
# Error Handling
| HTTP Status | Error Name | Description / When it Occurs | Example Message |
|---|---|---|---|
| 400 | Bad Request | Missing or invalid parameters | "invalid_request" |
| 401 | Unauthorized | Invalid client credentials | "invalid_client" |
| 403 | Forbidden | Client not permitted to access this resource | "access_denied" |
Example Error Response:
{
"error": "invalid_client",
"error_description": "Client authentication failed"
}
# Additional Notes
- The
access_tokenis valid for the duration specified inexpires_in(in seconds). - If your token expires, repeat the process to obtain a new one.