Access Token
Summary
A customer will be given an "access_token". The access_token, also known as a bearer token, must be sent as an http header with all API requests.
Detail
The Dsco APIs authorize access using a specific form of OAuth 2 called 2-legged OAuth. Each Dsco customer will be provided an access_token which uniquely authorizes a customer to access the Dsco APIs. While care should be taken to protect the access_token, Dsco can generate a new access_token on behalf of a customer at any time. The customer's access_token must accompany each HTTP request, as a request header (more on this below).
All requests must make use of industry standard SSL (https://) to protect the sensitive data in the request and response.
Request Headers
Each HTTP request must include the following request headers:
- Authorization - the value is the customer's access_token
Authorization: bearer 222222-22222-2222-2222-222222222
- Accept - the value must be "application/json"
Accept: application/json
- Content-Type - the value must be "application/json"
Content-Type: application/json
Making a simple API Request
Quick Summary
- Base URL for all production APIs is:
https://api.dsco.io/api/v3
- Base URL for all staging APIs is
https://staging-api.dsco.io/api/v3
- Include "Authorization" request header whose value is access_key, here's an example
Authorization: bearer 222222-22222-2222-2222-222222222
- Accept request header must be application/json
Accept: application/json
- Content-Type request header must be application/json
Content-Type: application/json
GET /api/v3/hello HTTP/1.1 Host: api.dsco.com Connection: keep-alive Accept: application/json Authorization: bearer 222222-22222-2222-2222-222222222 Content-Type: application/json
The following is the HTTP response from the "hello" API.
HTTP/1.1 200 OK Content-Type: application/json Content-Length: 18 Expires: 0 Cache-Control: no-cache {"hello":"World!"}
Comments
Please sign in to leave a comment.