You can use OAuth2-style authentication to access the runZero API.
The first step is to register a new API client. To do this, select Accounts > API clients from the left navigator, then the Register New API Client button. Once you name the client, you will be given a generated client_id and client_secret
These secret values are used to obtain a token, following the procedure described in RFC 6749 section 2.3.1.
There are two options for authentication: HTTP Basic, or including the credentials in the request body.
In either case, the grant type is client_credentials for an access token request, as described in section 4.4 of the RFC.
HTTP Basic authentication
The HTTP Basic authentication scheme is described in RFC 2617 section 2. The client_id value is the username, and the client_secret value is the password. The client must assemble the two into a string, separated by a colon, then base64 encode the username:password string. The result is used in the Authorization header.
The final request will look like:
POST https://console.runzero.com/api/v1.0/account/api/token Content-Type: application/x-www-form-urlencoded Authorization: Basic dddxYourxEncodedxUsernamexAndxPasswordxHerexcccllCBjjmVvVW50aaascw== grant_type=client_credentials
Credentials in HTTP body
An alternative is to include the credentials in the body of the request. In this case, the client_id and client_secret values are used as is. The final request will look like:
POST https://console.runzero.com/api/v1.0/account/api/token Content-Type: application/x-www-form-urlencoded client_id=666d7000-4444-9999-8888-89ed507999d5&client_secret=hhh/your/client/secret/here/B4UrNYhuFfXxmmm=&grant_type=client_credentials
Response
In both cases, the response will be a JSON object containing a token you can use for HTTP Basic authentication.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article