Skip to main content

Generating an Access Token

Overview

After creating your App Client you are ready to use it to generate Access Tokens that will allow you to authenticate and call the various Platform apis.

Send Request

With your App Client Id and Secret you can send a POST request to our /oauth2/token endpoint using Basic Authentication to generate an access token.

To utilize the Basic Authentication we first need to create a base64 encoding of your App Client's Id and secret delimited by a colon. You will use this base64 encoded value in the "Authorization: Basic" header when making requests to the API (see example request below).

base64({appClientId}:{appClientSecret})

By default, all access scopes attributed to your App Client will be applied to any access token generated by your App Client, however, you have the optional additional control of creating the access token with specific access scopes. To declare these scopes for a new access token you must include an array of scopes in the POST body. See Access Scopes for a list of available access scopes and their applications:

"scopes": [
            {desiredScopes}
        ]

The endpoint also requires the App Client Id and the following key:value pairs to be included in the body of the POST request:

"grantType": "CLIENT_CREDENTIALS",
"clientId": "{appClientId}",

With the above and the POST request to generate an access token should look something like the below:

curl --location --request POST 'https://api.talroo.com/v5/oauth2/token' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic base64({appClientId}:{appClientSecret})' \
--data-raw '{
    "grantType": "CLIENT_CREDENTIALS",
    "clientId": "{appClientId}",
    "scopes": [
            {desiredScopes}
        ]
}'

Example Request

curl --location --request POST 'https://api.talroo.com/v5/oauth2/token' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic NGQzYjA4ajAzb3Bzc3RxNWEyMDdmbmZ2berasdf5ZDBvM2o1aThtcGphMXJmbnQ0dWN2aTlic21ldm50aG12NDVwdHVpNzRwdHJmNWhl' \
--data-raw '{
    "grantType": "CLIENT_CREDENTIALS",
    "clientId": "4d3b08j03opsttq3939fnfvo5",
    "scopes": [
            "advertiser",
            "location:read",
            "category:read",
            "job:status:read",
            "integration",
            "customer:read"
        ]
}'

Response

With a successful request, you should receive a 200 status response with a response body in the below format:

{
    "accessToken": "eyJraWQiOiJzdkVmYnFjTm85U2s0d0doY3FrTlpLcmFBVVNqMCtCZm01ODB5QW95enZNPSIsImFsZyI6IlJTMjU2In0.eyJzdWIiOiI0ZDNiMDhqMDNvcHNzdHE1YTIwN2ZuZnZvNSIsInRva2VuX3VzZS4I6ImFjY2VzcyIsInNjb3BlIjoicGxhdGZvcm0tcHJvZFwvYWR2ZXJ0aXNlciIsImF1dGhfdGltZSI6MTY3NjQxMDk2NywiaXNzIjoiaHR0cHM6XC9cL2NvZ25pdG8taWRwLnVzLWVhc3QtMS5hbWF6b25hd3MuY29tXC91cy1lYXN0LTFfdEVKaVdnOUZjIiwiZXhwIjoxNjc2NDk3MzY3LCJpYXQiOjE2NzY0MTA5NjcsInZlcnNpb24iOjIsImp0aSI6IjdiODFhMjVjLTAxY2YtNDQzOC05YTJiLTFmNzBkMGEyMDU5OSIsImNsaWVudF9pZCI6IjRkM2IwOGowM29wc3N0cTVhMjA3Zm5mdm81In0.FZMppm_IXUecl48eAS_BsK5WX4LOcxdEgk0Ke8RXqrgjnWqqcaqpx7osupb2dZFyPj5v9RPFwM44Ujmab-5qSaSAInBMXOYzC_yPU6EAbOJNgBj0CMzsjPu7NdY2PklGBUdSZuusIdWrWJwDK9xlX4iSjXegWpy_s7FrSOEEuj-z6i3zDwlO5_ykWEC8uO-rKgAm1o7MGcGw8qXJeuO2Cs2PV11HwT1175c1FbhnzyILuc6ErCVck-haHs2V1RbNsxNNqrvqpNTqqueqCDP00YUunlEPRmMwWbq4oGDsIN2NFYVBNl_ksNpzChLlxIoE3OnHXABmANRB_P54nTxvmA",
    "tokenType": "Bearer",
    "expiresIn": 86400
}

This accessToken should be saved and used to authenticate future requests to the Platform API.

Incorrect credentials will result in a 400 with the below response

{
  "type": "/errors/bad-credentials",
  "title": "Bad credentials",
  "status": 400,
  "instance": "about:blank"
}