How to use Risk Cloud's API to create or retrieve an API Access Token
Note: API access is only available with the purchase of the API Access Add-On Feature. If you have not purchased this add-on, please contact your customer service representative to enable API functionality.
The Risk Cloud API uses OAuth 2.0 for authentication which uses a bearer token in the Authorization http header. In order to start using the API, first retrieve your Client and Secret keys from the Profile page. This can be navigated to by clicking the Person icon in the top right corner and then the Profile button.
In the Profile page, go to the "Access Key" tab. If this tab is not there, please contact your Risk Cloud administrator as you may not have API privileges.
In the "Access Key" tab you can generate an Access Key or use a Client and Secret key to generate retrieve your existing Access Key.
If you are retrieving an existing Access Key or generating one via the Risk Cloud API, both your Client and Secret keys will need to be base64 encoded with a colon in between them: CLIENT:SECRET
.
Please note that you should be base64 encoding the CLIENT:SECRET together a single time; not the CLIENT first and then the SECRET second.
Once they are encoded, take your encoded string and place it in the authorization header as Authorization: Basic ENCODED
.
URL: /api/v1/account/token
Request Method: POST
Once this URL is pinged with the correct Authorization Header a JSON response will appear mimicking the following structure:
{
"access_token": "KEY_HERE",
"token_type": "bearer",
"expires_in": 31532918,
"scope": "read write"
}
The returned access token can then be used in the authorization header to interact with Risk Cloud's API
Authorization: Bearer ACCESS_TOKEN
Get Risk Cloud API Updates in Your Inbox
Subscribe for easy access to new resources, API updates, endpoint deprecation notices, and more!
Comments
0 comments
Please sign in to leave a comment.