Setup and Authentication

Important!

In other to authenticate you will need to create an API Client.

Your API credentials should include a client_id and a client_secret, with these credentials you should have access to the APIs.

Authentication

NOTE: For a more detailed guide on the authentication process please visit the authentication section of our API documentation.

Below is an example showing how you would authenticate using CURL:


      curl --location --request POST 'https://login.etrusted.com/oauth/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'client_id={client_id}' \
--data-urlencode 'client_secret={client_secret}' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'audience=https://api.etrusted.com'

    

Also, it's best to keep your {client_id} and {client_secret} away from prying eyes by authenticating on the server-side.

On a successful request you get back a response payload similar to this:


      {
    "access_token": "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJpd0hzYW1feTRYUUlBVzQ1bHEtR2xMWWRPN1BfNUp2ZVdSeC0tM1kyeFlVIn0.eyJqdGkiOiI1MmRjZjk4Yy1lMzliLTQ3OWEtYjM5NS1kYTZiZTExNjk3ZjgiLCJleHAiOjE2MjY3NzU2ODMsIm5iZiI6MCwiaWF0IjoxNjI2NzcyMDgzLCJpc3MiOiJodHRwczovL2xvZ2luLmV0cnVzdGVkLmNvbS9hdXRoL3JlYWxtcy9idXNpbmVzcyIsImF1ZCI6ImFjY291bnQiLCJzdWIiOiI0Yjg0OWI1OC0wMDI5LTRlOTUtYjdlOS0zYmIzZTY0OGIxY2QiLCJ0eXAiOiJCZWFyZXIiLCJhenAiOiJKcDl4Y3F0M0twUG14WUJwYmZ0dzl1Q2ptalQ2RVBhNCIsImF1dGhfdGltZSI6MCwic2Vzc2lvbl9zdGF0ZSI6IjQ4M2YxNzE3LTNiMTgtNDc0NC1iYjk4LWQ3ODM2NDhiZDU1MyIsImFjciI6IjEiLCJhbGxvd2VkLW9yaWdpbnMiOlsiaHR0cHM6Ly9hcGkuZXRydXN0ZWQuY29tIl0sInJlYWxtX2FjY2VzcyI6eyJyb2xlcyI6WyJiMmJfdXNlciJdfSwicmVzb3VyY2VfYWNjZXNzIjp7ImFjY291bnQiOnsicm9sZXMiOlsibWFuYWdlLWFjY291bnQiLCJtYW5hZ2UtYWNjb3VudC1saW5rcyIsInZpZXctcHJvZmlsZSJdfX0sInNjb3BlIjoiZW1haWwgcHJvZmlsZSIsImFyZWFzLWFsbG93ZWQiOlsibWFycyJdLCJjbGllbnRIb3N0IjoiMTUxLjM2LjEyMi41NSIsImVtYWlsX3ZlcmlmaWVkIjpmYWxzZSwiY2xpZW50SWQiOiJKcDl4Y3F0M0twUG14WUJwYmZ0dzl1Q2ptalQ2RVBhNCIsInByZWZlcnJlZF91c2VybmFtZSI6InNlcnZpY2UtYWNjb3VudC1qcDl4Y3F0M2twcG14eWJwYmZ0dzl1Y2ptanQ2ZXBhNCIsImh0dHBzOi8vZXRydXN0ZWQuY29tIjp7ImFjY291bnRSZWYiOiIyYzk4N2ZhNi02OTc4LTQ5YTMtODJiNi0xOThjZTk1OGFlZTMiLCJyb2xlIjoib3duZXIiLCJwZXJtaXNzaW9ucyI6eyJ1cm4iOiJ1cm46ZXRydXN0ZWQ6KiJ9fSwiY2xpZW50QWRkcmVzcyI6IjE1MS4zNi4xMjIuNTUiLCJlbWFpbCI6InNlcnZpY2UtYWNjb3VudC1qcDl4Y3F0M2twcG14eWJwYmZ0dzl1Y2ptanQ2ZXBhNEBwbGFjZWhvbGRlci5vcmcifQ.hBi-GC9niN-quGFMVKZKqR9I4YvhOLgOXgDza4ycbUl7_zydZXpSQx7j63jfUljrperLWfksr0G8m1pSyGHAsguJqYVY3L_aqA5y-ipZlJIXeR8e3-icIexqBMXeSsjF82smPRDhQqjMrgpQHOTo_LXq2ZmIdBsEpWWtxnnQ7OYiZVmCCf_gBMLGIlqhnnb4rq7YpfcjCZlGgCTsu6O-yGprk7gpfrQD8Q8O0o8BOO2jZM9Zudyh69FSkWtImObkVXN0zYapVqe1XuKh13tN8AI4A4nP330VqLmIxPVkuSaO4-tEoHZ1ORAMtq4NTQvZe0Xkwz_efx0VG8x1VOaTtg",
    "expires_in": 3600,
    "refresh_expires_in": 7200,
    "refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICI1M2I4MmJkMS1jNTc4LTRmMDctYmI2MC04MzQyYWQ4NGIzMmQifQ.eyJqdGkiOiI0MmUzNzc0Zi05N2I0LTQzMDQtYTE2Zi02MTE5OGMwMDM1OWYiLCJleHAiOjE2MjY3NzkyODMsIm5iZiI6MCwiaWF0IjoxNjI2NzcyMDgzLCJpc3MiOiJodHRwczovL2xvZ2luLmV0cnVzdGVkLmNvbS9hdXRoL3JlYWxtcy9idXNpbmVzcyIsImF1ZCI6Imh0dHBzOi8vbG9naW4uZXRydXN0ZWQuY29tL2F1dGgvcmVhbG1zL2J1c2luZXNzIiwic3ViIjoiNGI4NDliNTgtMDAyOS00ZTk1LWI3ZTktM2JiM2U2NDhiMWNkIiwidHlwIjoiUmVmcmVzaCIsImF6cCI6IkpwOXhjcXQzS3BQbXhZQnBiZnR3OXVDam1qVDZFUGE0IiwiYXV0aF90aW1lIjowLCJzZXNzaW9uX3N0YXRlIjoiNDgzZjE3MTctM2IxOC00NzQ0LWJiOTgtZDc4MzY0OGJkNTUzIiwicmVhbG1fYWNjZXNzIjp7InJvbGVzIjpbImIyYl91c2VyIl19LCJyZXNvdXJjZV9hY2Nlc3MiOnsiYWNjb3VudCI6eyJyb2xlcyI6WyJtYW5hZ2UtYWNjb3VudCIsIm1hbmFnZS1hY2NvdW50LWxpbmtzIiwidmlldy1wcm9maWxlIl19fSwic2NvcGUiOiJlbWFpbCBwcm9maWxlIn0.9Pq2VfDZAkOiZRKEA5eTOYp6wdn7ngzOTEQSlFHRQvk",
    "token_type": "bearer",
    "not-before-policy": 1624917767,
    "session_state": "483f1717-3b18-4744-bb98-d783648bd553",
    "scope": "email profile"
}

    

In subsequent API calls, you need to include the access_token as a bearer token in the request header. For example, if you wanted to request the list of reviews it will look something like this:


      curl --location --request GET 'https://api.etrusted.com/reviews' \
--header 'Authorization: Bearer {access_token}'

    

What next?

Once you are able to generate the access_token, the tutorials section will be the next best place to visit. It is meant to provide a general overview of the APIs available.

You can also go ahead and explore the API documentation if you already have an idea in mind and just need the right call parameters!

To learn more about the key standards our authentication flow is based on checkout OAuth's official site and jwt.io.

Scroll back up

Need further support?

Visit the Help Centre for further information, or contact us. Are some words or terms unfamiliar? Then visit the glossary for clarification.