On this page you will find information about how to authenticate with the Authorization API, construct the authentication header and how to send credit request.
Avarda base URLs for Authorization API:
Stage/test environment https://avdonl-s-authorizationapi.westeurope.cloudapp.azure.com/
Production environment: https://avdonl-p-authorizationapi.westeurope.cloudapp.azure.com/
To authorize access to the API we use a standard Open ID Connect Client protocol – Client Credentials grant. The token endpoint is available on /oauth2/token.
The flow is described in details e.g. in https://tools.ietf.org/html/rfc6749#section-4.4.
This is a quick summary of the flow.
POST /oauth2/token HTTP/1.1
Host: avdonl-t-authorizationapi.westeurope.cloudapp.azure.com
Content-Type: application/x-www-form-urlencoded
client_id=<your-client-id>&client_secret=<your-client-secret>&grant_type=client_credentials
You will get an access token with additional information like a token expiry in the response:
{
"token_type": "Bearer",
"expires_in": "3599",
"ext_expires_in": "3599",
"expires_on": "1614267550",
"not_before": "1614263650",
"resource": "00000002-0000-0000-c000-000000000000",
"access_token": "ey……………"
}
2. Use the access token in the Authorization header in subsequent API calls, e.g.
GET /authorization/57dae8d9-e192-40f2-8355-690f5b744cba HTTP/1.1
Host: avdonl-t-authorizationapi.westeurope.cloudapp.azure.com
Authorization: Bearer ey.........
3. Beware of the token expiry. After the token expires use the /oauth2/token endpoint again to get a new token
Alternatively use some 3rd party Open ID Connect client library which will handle the workflow with tokens for you. This is actually recommended and typical approach. There are many open source Open ID Connect libraries available for most of the languages and platforms.