Authenticating with the API
Our auth systems are based on OAuth 2.0 and the credentials required to authenticate are the client id and secret. Currently, there isn’t a self-served portal that will provide you with these, so our team will share them with you directly.
Once you have them, you can acquire an access token by issuing a request below:
POST /v1/token HTTP/1.1
Content-Type: application/x-www-form-urlencoded; charset=ISO-8859-1
Host: api.boclips.com
grant_type=client_credentials&client_id=***&client_secret=***
Please note that the request needs to be sent with the application/x-www-form-urlencoded content type to be processed correctly.
|
Here’s a CURL request if you feel like giving it a spin:
$ curl 'https://api.boclips.com/v1/token' -i -X POST \
-H 'Content-Type: application/x-www-form-urlencoded; charset=ISO-8859-1' \
-d 'grant_type=client_credentials&client_id=***&client_secret=***'This will give you back a JSON response similar to the one below:
{
"access_token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c",
"expires_in": 300, (1)
...
}| 1 | Access token’s lifetime expressed in seconds |
The value of the access_token field then needs to be attached as the Bearer token of the HTTP Authorization header to authorise the actual API requests, for example:
GET /v1/videos/5c542abf5438cdbcb56df0bf HTTP/1.1
Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c
Host: api.boclips.com