Fenris Digital restricts access to its APIs and manages access tokens through an OAuth2 authorization server. Tokens are issued principally through the Client Credentials workflow defined by the OAuth 2 specification. You will receive a Client-Id and Client Secret, which are used to obtain an access token from the Authorization Server.
We provide example code for using Fenris' AWS Cognito-based authentication API to fetch a token for making later requests.
Samples are currently available in Python, JavaScript, Java, C#, and Ruby.
You can download the current code samples here.
Fenris uses a Bearer Authentication scheme, which is one of the most commonly used methods for API Authentication. Bearer tokens can be understood as "granting access to the bearer of this token".
When a request is made to the Fenris Authorization Server with the Fenris-provided Client-Id and Client Secret, the Fenris Authorization Server returns a response containing a bearer token. This token is a random string that is generated in response to the provided Client-Id and Client Secret. The bearer token provides access to the restricted Fenris Services when the token is included in the Authorization header of a request. When a request to a Fenris Service is sent with the bearer token included in the header, the service verifies that the received bearer token is valid, and controls access to services based on the token.
The bearer tokens generated by the Fenris Authentication Server are valid for 24 hours from the time they are issued, and when the token expires, the user must generate a new token by making another request to the Authorization Server.
You can read more about Bearer Authentication in detail here.
Returns an authentication token.
Content-Type | string Example: application/x-www-form-urlencoded |
Authorization | string Example: Basic <<BASIC_STRING>> The BASIC_STRING is the Base-64 encoding of the client_id and client_secret separated by a colon. This is the standard token passed for Basic authentication, with the username replaced by client_id and the password replaced by client_secret. Many libraries will do this for you if you select basic authentication, set the username to your client_id, and set the password to your client_secret. |
client_id | string A client ID obtained from Fenris Digital. |
grant_type required | string The type of token to be granted. |
token_type | string The type of security token being returned. This will always be a bearer token. |
expires_in | string The remaining amount of time, in seconds, for which the token will be valid. Note: Access tokens are good for one day before they must be refreshed. You must submit another call to obtain a new token after the previous one expires. |
access_token | string The value to be used as a Bearer token in the Authorization header of the request. |
client_id=OBTAIN_FROM_FENRIS&grant_type=client_credentials