• Venue and event management in the cloud

How Can We Help?


Access and Refresh Token API

In this article


The Client ID, Client Secret, Redirect URI and Code generated in Priava, need to be used to get an access token and refresh token. The access token will be used for authenticating the API requests discussed in these documents. It’s important to remember that access tokens expire after 6 hours, so the refresh token needs to be used to get a new access token when the first access token expires.

Getting an Access Token

POST - /rest/oauth/token

Headers:

The following headers should be included in your request:

      Content-Type: application/x-www-form-urlencoded;charset=utf-8     
      TenantRegion: [ APAC | EU | US ]

Data:

grant_type=authorization_code&client_id=xxxxxxxx&client_secret=yyyyyyyy&code=zzzzzzzz&redirect_uri=https://my.app.com/oauth2callback

Response:

If successful, you will receive a JSON response with the required tokens, where ‘expires_in’ is measured in seconds.

{ 
"access_token": "xxxxxxxx", "refresh_token": "yyyyyyyy", "token_type" : "BEARER", "expires_in": 21600 }

 If there are any problems with the request, you'll receive a 400 response with an error message.

{ 
"error": "error_code",
 "error_description" : "A human readable error message" }

Once the access token is obtained, it needs to be passed in the Header for all API Calls.

      Authorization : Bearer <access_token>

 

Refresh an Access Token

Use a previously obtained refresh token to generate a new access token.

POST - /rest/oauth/token

Headers:

The following headers should be included in your request:

      Content-Type: application/x-www-form-urlencoded;charset=utf-8     
      TenantRegion: [ APAC | EU | US ]

 Data:

grant_type=refresh_token&client_id=xxxxxxxx&client_secret=yyyyyyyy&refresh_token=zzzzzzzz&redirect_uri=https://my.app.com/oauth2callback 

 Response:

If successful, you will receive a JSON response with the required tokens, where ‘expires_in’ is measured in seconds.

{ 
"access_token": "xxxxxxxx", "refresh_token": "yyyyyyyy", "token_type" : "BEARER", "expires_in": 21600 }

 

If there are any problems with the request, you'll receive a 400 response with an error message.

{ 
"error": "error_code",
 "error_description" : "A human readable error message" }