Authorization

Every REST API endpoint you access requires that you supply an access token in the header of your request to verify that you are an authorized user.

Authorization involves the following three steps:

  1. Generate a client secret based on your client ID. You only need to do this once. However, since the secret is confidential, any time you change the client secret, take care to only provide the secret to the vetted parties with access to the API.
  2. Use the secret to get an access token.
  3. Include the access token in all API requests.

Related Topics:

  • Generate the Secret
    Your application identifies itself to DPS by using the secret, which is a unique code DPS generates and associates with your client ID. You only need to generate the secret once. However, since the secret is confidential information, if you create a new generated secret any time thereafter, take care who you share the newly generated secret with. You'll need to refresh your access token anywhere the API is used.
  • Get an Access Token
    You submit a POST request to the /token endpoint to obtain the access token that you must use in every API request.
  • Use the Access Token in an API Call
    Once you have generated the access token by passing the client ID and secret to the /token endpoint, you can use the access token in all API calls.
Parent Topic: API Reference