Last updated

Authentication

Spotnana APIs use a Bearer token to authenticate incoming requests. The following authorization header must be included in all requests to access Spotnana APIs.

Authorization: "Bearer <YOUR_TOKEN_HERE>"

Generating an authentication token

Spotnana partners can generate the bearer authentication token using the /get-auth-token API by including the clientId and the clientSecret in the request body. Contact your Spotnana account representative to obtain the clientId and clientSecret credentials. The following code snippet is a sample curl request to generate a bearer token.

curl -i -X POST \
https://apis.spotnana.com/get-auth-token \
-H 'Content-Type: application/json' \
-H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Firefox/91.0' \
-d '{
  "clientId": "apiuser@abccorp.com",
  "clientSecret": "Welcome$$"
}'

Note: The User-Agent header is mandatory for all API requests.

A successful response for the above curl request will contain a temporary bearer token and its expiration time displayed in seconds.

{
    "token": "eyJraWQiOiJFRGVIWVwvRldGT...Trg",
    "expiryTimeInSeconds": 86400,
    "type": "Bearer"
}

When you're working with Spotnana APIs, this unique bearer token must be included in every request as authorization header to validate the API calls. The following code snippet is a sample curl request which shows how you can include the bearer token in a request header.

curl https://api.spotnana.com/v2/companies -H "Authorization: Bearer <YOUR_TOKEN_HERE>"

Note: When making an API call, if the bearer token has exceeded the expiration time limit, you will receive an error code of 401 with a message in the JSON response indicating Access Token Invalid. In such cases, use the /get-auth-token API again to generate another unique bearer token.