- Customers: Use Basic authentication.
- Partners: Use OAuth2.
Basic authentication
Basic authentication is a simple authentication scheme built into the HTTP protocol. The client sends HTTP requests with theAuthorization
header that contains the word Basic
word followed by a space and a base64-encoded string username:password
. In Spacebring, username
is your client_id
and password
is your client_secret
. For example, to authorize as client id / client secret
you would send
OAuth2
Obtain your Client ID and Client Secret and register a valid redirect_uri. To do it, please reach out to api@spacebring.com.Obtaining authorization code
You need to make a GET request to https://api.spacebring.com/oauth2/authorize with following query parameters:Parameter | Description |
---|---|
client_id | your Client ID |
redirect_uri | your redirect_uri |
response_type | should be set to code |
scope | list of scopes separated by spaces or commas |
redirect_uri
with code
in query parameters.
Obtaining access and refresh tokens
With code received in previous step you need to make a POST request to https://api.spacebring.com/oauth2/token with following body in x-www-form-urlencoded format:Parameter | Description |
---|---|
client_id | your Client ID |
client_secret | your Client Secret |
grant_type | should be set to authorization_code |
code | code received in previous step |
Accessing API
You need to pass your access token in ‘Authorization’ header along withspacebring-network-id
header with the id of the network.
Refreshing access token
Access tokens have a limited lifetime of 1 hour. To get new access token you need to make a POST request to https://api.spacebring.com/oauth2/token with following body in x-www-form-urlencoded format:Parameter | Description |
---|---|
client_id | your Client ID |
client_secret | your Client Secret |
grant_type | should be set to refresh_token |
refresh_token | refresh token received in previous step |
Revoking access token
To revoke your refresh and access tokens you need to make a POST request to https://api.spacebring.com/oauth2/revoke withtoken
in query parameters.
You will receive response that looks like this: