Our authentication is based on the Client Credentials flow of the OAuth 2.0 authentication framework (Client Credentials).

You need to retrieve an access token (ACCESS_TOKEN) from our authentication endpoint to then send in the header ("Authorization: Bearer ACCESS_TOKEN") of subsequent requests.

To obtain an ACCESS_TOKEN, send a POST request to https://auth.reelables.com/oauth2/token?grant_type=client_credentials with headers:

  • "Content-Type": "application/x-www-form-urlencoded"
  • "Authorization": "Basic base64(CLIENT_ID>:<CLIENT_SECRET>)" where base64() is the base64-encoded representation of the <CLIENT_ID>:<CLIENT_SECRET> combination.

Using the ACCESS_TOKEN in requests:

  • add an Authorization header to your request including the ACCESS_TOKEN as the value: "Authorization: Bearer ACCESS_TOKEN"
  • the ACCESS_TOKEN is valid for 1 hour. Once it has expired, re-authenticate to obtain a fresh ACCESS_TOKEN

Example Authentication request curl --request POST --url 'https://auth.reelables.com/oauth2/token?grant_type=client_credentials' --user CLIENT_ID:CLIENT_SECRET --header 'Content-Type: application/x-www-form-urlencoded'

  • Note: using the curl --user option adds an Authorization header with value Basic Base64(CLIENT_ID:CLIENT_SECRET)