Skip to main content
All CollectionsPublisheradvanced APIAuthentification
advanced API - Get an access token
advanced API - Get an access token
S
Written by Sascha Hoffmann
Updated over 7 months ago

To access the advanced API Endpoints for statistics and transactions, you must have an authorization token. You can create an authorization token using the OAuth 2 client credentials flow with the provided client credentials.

It's important to note that every token must have a valid audience, which can be found in the available audiences list. If you need to access multiple audiences with one token, separate them via an ASCII whitespace (ASCII 32 | U+0020).

If you don't have a client ID and client secret, please contact your Account Manager or email [email protected] for assistance.

It's important to note that the client secret is a confidential value and should never be shared with anyone or used in any client app. We recommend explicitly stating this in your documentation. As the customer, you are responsible for keeping your client credentials secure.

Requesting Authorization Token

To request an authorization token, you need to send an HTTP POST request to https://auth.advanced-store.com/oauth2/token. The request must have the following parameters:

  • grant_type: Set it to "client_credentials".

  • client_id: Set it to your client ID provided by Advanced-Store.

  • client_secret: Set it to your client secret provided by Advanced-Store.

  • audience: Set it to api.ad4mat.net and api.advanced-store.com like shown below

Example HTTP Request

POST https://auth.advanced-store.com/oauth2/token

Header

Content-Type: application/x-www-form-urlencoded

Body

grant_type=client_credentials 
&client_id={YOUR_CLIENT_ID} 
&client_secret={YOUR_CLIENT_SECRET}
&audience=api.ad4mat.net
&audience=api.advanced-store.com

HTTP Response

If the request is successful, the server will respond with an HTTP response with a JSON body that contains the following parameters:

  • access_token: The authorization token you requested.

  • expires_in: The time in seconds before the authorization token expires.

  • scope: The scope of the authorization token.

  • token_type: The type of the authorization token, which is "bearer".

Example HTTP Response

{ 
  "access_token": "...", 
  "expires_in": 3600, // time in seconds 
  "scope": "", 
  "token_type": "bearer" 
}

Using Authorization Token

To use the authorization token, you need to add an Authorization header to your HTTP request. The header must have the value "{YOUR_ACCESS_TOKEN}" (no bearer), where "{YOUR_ACCESS_TOKEN}" is the authorization token you received.

Example HTTP Request

GET https://api.advanced-store.com/example

Header

Authorization: Bearer {YOUR_ACCESS_TOKEN}

Did this answer your question?