Authentication

formedix rest apis are authenticated using an oauth2 ‘client id’ and ‘secret’ the clientid/secret combination uniquely identifies the company and context of the api call to use our apis, a unique client id and client secret is provided by formedix please contact us if you require new credentials authenticate a new oauth2 session this request authenticates your oauth2 client credentials and prepares an authentication token for use in api requests authentication request endpoint endpoint post https //ryze formedix com/fws/api/oauth/token you can supply your company's client id and client secret credentials to authenticate an oauth2 session using one of the following three methods concatenating the client id and client secret by a colon, and then passing the base64 encoded result as the http basic credentials in the authorization header this method is recommended providing the credentials as client id and client secret body parameters in a application/x www form urlencoded request providing the credentials as client id and client secret properties in a json body for a application/json request (see example request aside) example authentication request as application/json body request { "grant type" "client credentials", "client id" "\<yourclientid>", "client secret" "\<yourclientsecret>" } the fallback method body content is ignored when the authorization header is present, or if alternative content types are specified the example request above returns the following response response { "access token" "", "token type" "bearer", "expires in" "", "scope" "all" } access token is the token to use for further api calls, and expires in is the number of seconds the token is valid for the token should be passed as a http bearer token in the authorization header in further requests errors http status code error code description 401 invalid client unsupported authentication method 401 completely missing authentication details 400 unsupported grant type unsupported "grant type" in request 400 invalid request invalid or incorrectly supplied credentials 400 missing client details credentials have not been supplied see also docid\ tqpncp50s5muu3bfnmk9w test an oauth2 bearer token this is a simple request to test that the http bearer token set in the authorization header is valid request get https //ryze formedix com/fws/api/oauth/test example response { "ok" "good token" } see also docid\ tqpncp50s5muu3bfnmk9w