Authentication

This page describes how to request an authentication token. These authentication tokens are used for machine to machine communication.

Scopes

ScopeUse
api:readPerform read-only operations for machine to machine (M2M) scenrarios.
api:writePerform full CRUD operations for machine to machine (M2M) scenrarios.
ui:client-onboardingUsed for the Onboarding Client Component in combination with api:read and api:write
api:credit-insights:readAccess to Read Credit Insights data
api:profile:readAccess to Read Profile data
api:trade-line:readAccess to Read Credit Line data

Requesting Tokens Using The API

The Upwardli API OAuth 2.0 for authentication and authorization. Before you can use the API, you must obtain an access token using the client_id and client_secret provided to you. Once a token has been obtained, it must be passed in the Authorization header of each request to the API.

To request a token send a POST to our auth server containing the client ID and client secret provided.

Onboarding Token Request

POST https://auth-sandbox.upwardli.com/auth/token/

1{
2"header": "content-type: application/json",
3"grant_type":"client_credentials",
4"client_id":"[your id here]",
5"client_secret":"[your secret here]",
6"scope":"api:read api:write ui:client-onboarding"
7}

Here’s a cURL example for the token request:

1curl --location --request POST https://auth-sandbox.upwardli.com/auth/token/ \
2--header 'Content-Type: application/json' \
3--data \
4'{
5  "grant_type":"client_credentials", 
6  "client_id":"[api client key]", 
7  "client_secret":"[api client secret]", 
8  "scope":"api:read api:write ui:client-onboarding" 
9}'

Here’s what a successful response looks like:

1{
2    "access_token": "xxxxx",
3    "expires_in": 86400,
4    "token_type": "Bearer",
5    "scope": "api:read api:write ui:client-onboarding"
6}