Authentication

Spotnana APIs use a Bearer token to authenticate incoming requests. The following authorization header must be included in all requests to access Spotnana APIs.

Authorization: "Bearer <YOUR_TOKEN_HERE>"

Generating an authentication token

The following steps explain how to generate an authentication token.

1. Contact your Spotnana account representative to obtain a unique client_id and client_secret credentials.

2. After receiving your credentials, you can generate the bearer authentication token by making a POST API request to the /v2/auth/oauth2-token endpoint. The request must contain the client_id, client_secret, and grant_type=client_credentials in the request body.

Sample request and response

The following code snippet is a sample curl request to generate a bearer token.

curl --location 'https://api.spotnana.com/v2/auth/oauth2-token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id=client_id' \
--data-urlencode 'client_secret=client_secret' \
--data-urlencode 'grant_type=client_credentials'

A successful response for the above curl request will contain a temporary bearer token and its expiration time displayed in seconds.

{
  "access_token": "<access_token>",
  "expires_in": 3600,
  "token_type": "Bearer"
}

When you're working with Spotnana APIs, this bearer access_token must be included in every request as authorization header to validate the API calls. The following code snippet is a sample curl request which shows how you can include the bearer token in a request header.

curl https://api.spotnana.com/v2/companies -H "Authorization: Bearer <YOUR_TOKEN_HERE>"

Note: When making an API call, if the bearer token has exceeded the expiration time limit, you will receive an error code of 401 with a message in the JSON response indicating Access Token Invalid. In such cases, use the /v2/auth/oauth2-token endpoint again to generate another unique bearer token.