User authentication
Some resources are public, like banks and categories, where only a Client-Id
is required. However, for most resources, authentication with a logged-in user is necessary.
To authenticate a user in a Server-to-Server manner, follow these steps:
Step 1: Authenticate User
Use the following endpoint to authenticate a user:
The User resource is an abstraction of the end user, so you need to authenticate him in a Server-to-Server way. That means no action is needed from his part.
curl 'https://api.bridgeapi.io/v2/authenticate' \
-X POST \
-H 'Bridge-Version: 2021-06-01' \
-H 'Content-Type: application/json' \
-H 'Client-Id: MY_CLIENT_ID' \
-H 'Client-Secret: MY_CLIENT_SECRET' \
-d $'{
"user_uuid": "c2a26c9e-dc23-4f67-b887-bbae0f26c415"
}'
curl 'https://api.bridgeapi.io/v2/authenticate' \
-X POST \
-H 'Bridge-Version: 2021-06-01' \
-H 'Content-Type: application/json' \
-H 'Client-Id: MY_CLIENT_ID' \
-H 'Client-Secret: MY_CLIENT_SECRET' \
-d $'{
"external_user_id": "A6JEJIID1919BDS"
}'
The response will contain an access_token
:
{
"access_token": "...",
"expires_at": "2019-05-06T11:08:25.040Z",
"user": {
"uuid": "c2a26c9e-dc23-4f67-b887-bbae0f26c415",
"external_user_id": "A6JEJIID1919BDS"
}
}
Step 2: Use Access Token
To perform authenticated API calls, include the access_token
in the Authorization request header using the bearer authentication scheme. Here's an example:
curl "https://api.bridgeapi.io/v2/items?limit=100" \
-X GET \
-H 'Bridge-Version: 2021-06-01' \
-H 'Client-Id: MY_CLIENT_ID' \
-H 'Client-Secret: MY_CLIENT_SECRET' \
-H 'Authorization: Bearer TOP_SECRET_ACCESS_TOKEN'
Session expiration
Keep in mind that the OAuth token is valid for two hours (UTC+0) after issuance. If the token expires, attempts to make calls with it will result in an HTTP 401 error, requiring a new authentication.
User creation and authentication
Since 23/10/2023, we have updated the user creation and authentication methods. If you have integrated our API before this update, please refer to this page.
Updated about 1 year ago