Auth
This page describes how authentication and authorization is implemented in the Live Data API.
All API calls require authentication in the form of an access token, which can be obtained using a username/password or service account credentials via the OAuth2 token endpoint.
Live Data uses the OAuth2 Client Credentials flow for authenticating service accounts. Create a Service Account using the UI by selecting the Teams
menu on the left and the Service Accounts
tab. When creating a service account, you will be provided the client secret – this is the only time you can obtain the secret.
To authenticate using these credentials, call the session endpoint with grantType=clientCredentials
and the clientId
and clientSecret
params populated by the service account ID and secret. This will return an access token which can be used to authenticate further calls.
Request
curl -X 'POST' \
'https://gotlivedata.io/api/identity/v1/session' \
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d '{
"grantType": "clientCredentials",
"clientId": "<your service account/client id>",
"clientSecret": "<your client secret>"
}'
Response
{"accessToken": "eyJ0eXAiOiJKV1Qi.eyJ0eXAiOiJKV1Qi.4K20wYgWlrQ9y58-nBJU8", "expiresAt": "2021-11-19T23:36:09.092720"}
To obtain an access token using user credentials, call the [#](session endpoint) using the username and password.
curl -X POST https://api.gotlivedata.com/v1/session \
-d "username=<username>&password=<password>"
A successful response will be a 200
and include an access_token
field in the body, along with the expiration time. Access tokens expire 1 hour after creation.
All API calls require a defined ‘role’, which is specified in the API documentation. The user or service account making the API call must have the specified role on the organization for the API call to succeed.