Authentication

This page describes how to request an authentication token. These authentication tokens are used

Scopes

ScopeUse
api:readPerform read-only operations for machine to machine (M2M) scenrarios.
api:writePerform full CRUD operations for machine to machine (M2M) scenrarios.
ui:client-onboardingUsed for the Onboarding Client Component
api:credit-insights:readAccess to Read Credit Insights data
api:profile:readAccess to Read Profile data
api:trade-line:readAccess to Read Credit Line data

Requesting Tokens Using The API

The Upwardli API OAuth 2.0 for authentication and authorization. Before you can use the API, you must obtain an access token using the client_id and client_secret provided to you. Once a token has been obtained, it must be passed in the Authorization header of each request to the API.

To request a token send a POST to our auth server containing the client ID and client secret provided.

Token Request

POST https://auth-sandbox.upwardli.com/auth/token/

1{
2"header": "content-type: application/json",
3"grant_type":"client_credentials",
4"client_id":"[your id here]",
5"client_secret":"[your secret here]",
6"scope":"api:read api:write"
7}

Here’s a cURL example for the token request:

1curl --location --request POST https://auth-sandbox.upwardli.com/auth/token/ \
2--header 'Content-Type: application/json' \
3--data \
4'{
5  "grant_type":"client_credentials", 
6  "client_id":"[api client key]", 
7  "client_secret":"[api client secret]", 
8  "scope":"api:read api:write" 
9}'

Here’s what a successful response looks like:

1{
2    "access_token": "xxxxx",
3    "expires_in": 86400,
4    "token_type": "Bearer",
5    "scope": "api:read api:write"
6}
Built with