Authorization

To send a request to the Content Management API and GraphQL Asset Management API, you must include an authorization token in each request.

We provide a choice of two types of tokens:

  • A token generated from an API key and secret using our authorization service. These tokens are set to expire after a set time period.
  • A longer lasting personal access token (PAT) generated using the GraphQL Asset Management API. These tokens do not expire but can be deleted and are created per user per organization.

On this page we'll explain how to authorize access to the APIs using a token generated from an API key and secret. For details of creating and managing PATs, visit the personal access tokens page.

API key and secret

Amplience uses OAuth2 to authorize access to the Content Management API and GraphQL Asset Management API using an API key and secret.

An API key and secret will be provided to you by Amplience at the beginning of your project, or you can request them from Amplience support. Your API key will define the resources to which you have access.

Your API key and secret are used to obtain an access token from the Amplience authorization service. This token must be included in the authorization header of all requests to the Content Management API and Asset Management API and is set to expire after a set time period, generally 300 seconds.

Getting an access token

To get an authorization token, send a POST request to the Amplience authorization server at https://auth.amplience.net as follows.

Request

POST https://auth.amplience.net/oauth/token

Auth Headers

Header        Description
Content-Type  application/x-www-form-urlencoded

Auth Parameters

The parameters should be URL encoded and included in the body of the request:

client_id={yourclientid}&client_secret={yoursecret}&grant_type=client_credentials

Replace {yourclientid} and {yoursecret} with your client id and secret.

Parameter      Description
client_id      The client id (API key) provided to you by Amplience
client_secret  The client secret provided to you by Amplience
grant_type     Set this to client_credentials to specify that the authorization token should be generated based on the client ID and secret

Response

Auth Status codes

Status code  Description
200          OK. Credentials are valid.
400          Bad Request. client id or secret are not valid.

Auth Response body

If the client_id and client_secret are valid, the response body will be returned as in the example below. Note that the example access_token has been truncated.

{
  "access_token": "eyJraWQiOiJhbXBsaWVuY2UtdG9rZW4tc2lnbmluZy1rZXkiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJhbXBsaWVuY2iwiZXhwIjoxNTU…",
  "session_expires_in": 0,
  "expires_in": 300
}

You will need to save the access token and include it in requests to the API. If the token has expired, request another token from the authorization service.

Including the token in an API request

Once the token is generated, it can be used in requests made to the Content Management API and GraphQL Asset Management API. The token is sent in the Authorization header of the request, with the authorization format set to Bearer.

For example, to make a request to the Content Management API, you would send a request to an API endpoint such as:

GET https://api.amplience.net/v2/content/hubs

In the request header you must set the Authorization format to Bearer and include the access_token:

Authorization: Bearer {access_token}
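
The token flow described above, as an added example (not Amplience's own code): a small Python client that requests a token with the client_credentials grant, caches it, and renews it shortly before expires_in elapses. The names TokenSource and post_form and the 30-second renewal margin are assumptions of this example.

```python
import json
import time
import urllib.error
import urllib.parse
import urllib.request

TOKEN_URL = "https://auth.amplience.net/oauth/token"  # endpoint given on this page


def post_form(url, fields):
    """POST URL-encoded fields; return (status, parsed JSON body)."""
    body = urllib.parse.urlencode(fields).encode()  # escapes '&', '=' etc. in the secret
    req = urllib.request.Request(
        url, data=body,
        headers={"Content-Type": "application/x-www-form-urlencoded"})
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, json.load(resp)
    except urllib.error.HTTPError as err:
        return err.code, {}


class TokenSource:
    """Caches the access token and renews it before expires_in runs out."""

    def __init__(self, client_id, client_secret, post=post_form,
                 clock=time.monotonic, skew=30):
        # skew (assumed value): renew this many seconds early to cover latency
        self._fields = {"client_id": client_id, "client_secret": client_secret,
                        "grant_type": "client_credentials"}
        self._post, self._clock, self._skew = post, clock, skew
        self._token, self._renew_at = None, 0.0

    def token(self):
        now = self._clock()
        if self._token is None or now >= self._renew_at:
            status, body = self._post(TOKEN_URL, self._fields)
            if status != 200 or "access_token" not in body:
                # Never put the request fields in the message: they hold the secret.
                raise RuntimeError(f"token request failed with status {status}")
            self._token = body["access_token"]
            lifetime = body.get("expires_in", 0)
            self._renew_at = now + max(lifetime - self._skew, 0)
        return self._token

    def auth_header(self):
        """Header to attach to each Content Management API request."""
        return {"Authorization": f"Bearer {self.token()}"}
```

Load the client id and secret from an environment variable or secret store rather than from source code, and call auth_header() for every API request so an expired token is replaced automatically.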
