Skip to content

Authorization

The Trust2Connect API uses OAuth 2.0 Client Credentials Grant as its authentication method. Every request to the API must include a valid access token obtained via this flow.

The authorization process consists of two main steps:

  1. Obtain an Access Token:
    Your application requests an access token from the authorization server using its unique client credentials (Client ID and Client Secret).

  2. Use the Access Token:
    Once obtained, include the access token in the Authorization header of every API request.

  • Authentication Type: OAuth 2.0 (Client Credentials Grant)

  • Token Generation: Use your client credentials (Client ID and Client Secret) to generate the token.

  • Token Usage: Pass the token in the Authorization header for all API requests.

  • Token Expiry: Tokens expire after a set period and must be regenerated as needed.

  • Token Name: t2c-access-token

  • Header Prefix: Bearer

  • Token Availability: The token is issued only to authenticated clients.

Include the access token in the request header as follows:

Authorization: Bearer {t2c-access-token}