Usage

API Endpoint
Link copied!

There is a single endpoint for all requests to the GraphQL Asset Management API: https://api.amplience.net/graphql

Authentication
Link copied!

Credentials
Link copied!

Amplience uses OAuth2 to authorize access to the GraphQL Asset Management API.

To use the API you will need an API key and secret. These credentials will be provided to you by Amplience at the beginning of your project, or you can request them from Amplience support. Your API key will define the resources to which you have access.

Your API key and secret are used to obtain an access token from the Amplience authorization service. This token must be included in the authorization header of all requests to the Asset Management API and is set to expire after a set time period, generally 300 seconds.

You can also use a personal access token instead of a token generated from an API key and secret.

Note that for experimentation purposes, you can log in to the API Playground which will provide an authenticated call to the API

Getting an access token
Link copied!

To get an authorization token, send a POST request to the Amplience authorization server at https://auth.amplience.net as follows.

Request
Link copied!

POST  https://auth.amplience.net/oauth/token

Auth Headers
Link copied!

Header	Description
`Content-Type`	`application/x-www-form-urlencoded`

Auth Parameters
Link copied!

The parameters should be URL encoded and included in the body of the request:

client_id={yourclientid}&client_secret={yoursecret}&grant_type=client_credentials

Replace {yourclientid} and {yoursecret} with your client id and secret.

Parameter	Description
`client_id`	The client id (API key) provided to you by Amplience
`client_secret`	The client secret provided to you by Amplience
`grant_type`	Set this to `client_credentials` to specify that the authorization token should be generated based on the client ID and secret

Response
Link copied!

Auth Status codes
Link copied!

Status code	Description
`200`	OK. Credentials are valid.
`400`	Bad Request. client id or secret are not valid.

Auth Response body
Link copied!

If the client_id and client_secret are valid, the response body will be returned as in the example below. Note that the example access_token has been truncated.

{
  "access_token": "eyJraWQiOiJhbXBsaWVuY2UtdG9rZW4tc2lnbmluZy1rZXkiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJhbXBsaWVuY2iwiZXhwIjoxNTU…",
  "session_expires_in": 0,
  "expires_in": 300
}

You will need to save the access token and include it in requests to the API. If the token has expired, request another token from the authorization service.

Including the token in an API request
Link copied!

To make a request to the GraphQL Asset Management API, you would send a request to API endpoint:

POST https://api.amplience.net/graphql

In the request header you must set the Authorization format to Bearer and include the access_token:

Authorization : Bearer {access_token}

Replace access_token with the access token returned by the authorization service. If the access token is valid, then the request is processed and the response is returned.

Methods
Link copied!

Both POST and GET methods are supported.

The HTTPS POST method is recommended. The query should be sent in the body of a POST request.

The HTTPS GET method requires that the query is included in the URL string using the ?query= parameter.

Status codes
Link copied!

Status code	Phrase	Description
`200`	OK	Successful request
`400`	Bad Request	Non specific error with request. Usually due to an invalid query or mutation argument
`429`	Too many requests	A rate limit has been exceeded
`500`	Internal server error	Non specific error occurred on the server

Error response format
Link copied!

If 400 (Bad request) error occurs, the response body contains a JSON object containing an errors array. This will contain the error type, a message field describing the error and a locations array stating where in the request body the error was found. Here is an example of an error due to a mistyped query:

{
  "errors": [
    {
      "message": "Cannot query field \"mimetype\" on type \"Asset\". Did you mean \"mimeType\"?",
      "locations": [
        {
          "line": 5,
          "column": 7
        }
      ],
      "extensions": {
        "code": "GRAPHQL_VALIDATION_FAILED"
      }
    }
  ]
}

Asset ingestion
Link copied!

Assets can be ingested using the createAsset mutation by specifying a URL path to the source asset. The source asset must be available via a publicly accessible URL.

Identifying ingestion requests
Link copied!

Ingestion requests from the Asset Management API can be identified by the user agent, which is sent in an HTTP request header:

Request header name	Request header value
`User-Agent`	`amplience-dam-api/1.5.0`

Note: The number suffixed to the header value is the current version number of the API, and this number is subject to change.

Usage

API EndpointLink copied!

AuthenticationLink copied!

CredentialsLink copied!

Getting an access tokenLink copied!

RequestLink copied!

Auth HeadersLink copied!

Auth ParametersLink copied!

ResponseLink copied!

Auth Status codesLink copied!

Auth Response bodyLink copied!

Including the token in an API requestLink copied!

MethodsLink copied!

Status codesLink copied!

Error response formatLink copied!

Asset ingestionLink copied!

Identifying ingestion requestsLink copied!