API Hub
  • Learn
  • Build
  • Help

Versions

Overview

  • Introduction
  • Authentication
  • Error Codes
  • Rate-Limits
  • Upgrades

    Metadata

    • Overview

      Core Resources

      • Devices
      • Alerts

        Webhooks

        • Introduction
        • Defining a Webhook
        • Event Types
        • Alert Types
        • Webhook invocation, retries and logs
        • Event Handling

          On this page

          • OAuth2.0 client credentials flow

          Authentication

          The KOLO™ API uses OAuth2.0 client credentials flow to authenticate requests. You can view and manage your API keys, client ID and secret in the KOLO™ Central developer tab.

          OAuth2.0 client credentials flow#

          Generate a POST request to https://auth.prod.kolo.cloud/oauth2/token, with the following request headers

          • Authorization - Set as Basic BASE64(CLIENT_ID:CLIENT_SECRET), where BASE64(CLIENT_ID:CLIENT_SECRET) is the base64 representation of your client ID and client secret, concatenated with a colon.
          • Content-Type – set as application/x-www-form-urlencoded

          And with the following parameters:

          • grant_type – set as client_credentials

          This will generate an access token that expires in an hour (sample below).

          {
    "access_token": "eyJra****",
    "expires_in": 3600,
    "token_type": "Bearer"
}

          API calls to access resources should include this access token with the following headers

          • Authorization - Set as Bearer [BEARER TOKEN], from the token endpoint
          • x-api-key – set as your API key