Authorization API
Authentication

On this page, you will find information about how to authenticate with the Authorization API, construct the authentication header, and use it in subsequent requests.

To authorize access to the API, we use the standard OpenID Connect protocol with the Client Credentials grant. The token endpoint is available at /oauth2/token.

The flow is described in detail in the OAuth specification. Below is a quick summary of the flow if you choose to implement it yourself. Alternatively, you can use a third-party OpenID Connect client library to handle the token workflow for you. This approach is both recommended and common. Numerous open-source OpenID Connect libraries are available for most programming languages and platforms.

1. Get Access Token

Use your client credentials to obtain an access token on a selected environment.

POST /oauth2/token HTTP/1.1
Host: stage.authorization-api.avarda.com
Content-Type: application/x-www-form-urlencoded
 
client_id=<your-client-id>&client_secret=<your-client-secret>&grant_type=client_credentials

The response includes the access_token along with additional information, such as its expiry.

{
  "token_type": "Bearer",
  "expires_in": "3599",
  "ext_expires_in": "3599",
  "expires_on": "1614267550",
  "not_before": "1614263650",
  "resource": "00000002-0000-0000-c000-000000000000",
  "access_token": "ey……………"
}

2. Use Token in Request Header

Cache the token and include it in the Authorization header for subsequent API calls.

GET /authorization/57dae8d9-e192-40f2-8355-690f5b744cba HTTP/1.1
Host: stage.authorization-api.avarda.com
Authorization: Bearer ey.........

3. Renew Token On Expiry

Be mindful of the token's expiry time. When the token expires, use the /oauth2/token endpoint again to obtain a new token.