Skip to content

Authentication

All calls to our APIs require a valid access token obtained through the OAuth 2.0 Client Credentials flow with the necessary scopes as documented in the reference documentation.

Info

We hold the highest standards for data privacy and security. We expect that developers using our APIs follow secure practices when integrating with us including, but not limited to, (i) accessing APIs through secure communication channels and (ii) following security best practices when storing, sharing and accessing API credentials and access tokens. You must promptly notify us about any known or suspected security incidents. We reserve the right to suspend or deactivate clients whose credentials we suspect have been breached.

Steps

  1. Get your API credentials. Your clientId and clientSecret information will be securely shared by the AgentSync team during onboarding. Please contact us to request access or if you need assistance with finding your credentials.

  2. Obtain an access token from the authorization server.

  3. Sandbox Authorization Endpoint: POST https://auth.sandbox.agentsync.io/oauth2/token

  4. Production Authorization Endpoint: POST https://auth.agentsync.io/oauth2/token
  5. Required Request Headers:
  6. Content-Type: Value must be application/x-www-form-urlencoded.
  7. Authorization: Value must be Basic {encodedClientCredentials} where {encodedClientCredentials} is the Base64 encoding of your crendentials in the format {clientId}:{clientSecret}.
  8. Required Request Parameters:
  9. grant_type: You must pass in the grant_type parameter with value client_credentials.
  10. scope: You must pass in the scope parameter with one ore more valid space-delimited scopes. E.g.: https://api.agentsync.io/compliance_check https://api.agentsync.io/npn_lookup.

Example request: 

curl --request POST '<https://auth.sandbox.agentsync.io/oauth2/token?grant\_type=client\_credentials&scope=https://api.agentsync.io/compliance\_check> <https://api.agentsync.io/npn\_lookup>' \
    -H 'Authorization: Basic test6XMVeCLDL7LjNNon5LhuGOdpxGJpsFBVdfFB0BYoZXyOL2' \
    -H 'Content-Type: application/x-www-form-urlencoded'
  1. Pass in the access token when making API calls by including the Authorization header with the value Bearer {access_token}

Example request: 

curl --location --request GET 'https://api.sandbox.agentsync.io/v1/entities' \
    -H 'Accept: application/json' \
    -H header 'Authorization: Bearer testq3nE1W12KYPFvdackwn5GAlxlemWVXSCg4i1bMmjT66StfBgvYiP9Cim2WajZxlXKGXSdOEuHR8ymft3In1EBxyNUa4LgxVt'