Request an access token
To make authenticated requests to the Cint Exchange API, you'll need a JSON Web Token (JWT). You must include this token in the Authorization header of all your API requests.
API endpoint
POST https://auth.cint.com/oauth/token
Request body
The body of your request must be application/json and include the following parameters:
| Property | Description |
|---|---|
client_id | Your unique client identifier (provided in your API Starter Kit). |
client_secret | Your client secret. Treat this like a password (provided in your API Starter Kit). |
grant_type | Must be set to client_credentials. |
audience | The API you are requesting access to. Must be https://api.luc.id. |
auth_scopes | The scopes of access for the token. Defaults to app:api. |
Code examples
Example cURL request to get an access token:
curl -X "POST" "https://auth.cint.com/oauth/token" \
-H 'Content-Type: application/json' \
-d $'{
"client_id": "<YOUR_CLIENT_ID>",
"client_secret": "<YOUR_CLIENT_SECRET>",
"grant_type": "client_credentials",
"auth_scopes": "app:api",
"audience": "https://api.luc.id"
}'
If your client details are correct, you'll receive a 200 OK response.
Example successful response:
{
"access_token": "eyJhbG...S4Mrzg",
"expires_in": 86400,
"token_type": "Bearer"
}
You can use the access_token in the authorization header for every request to the Cint Exchange API. The expires_in property indicates the token's validity period in seconds (in this case, 86,400 seconds is 24 hours).
Error responses
If your client_id or client_secret are incorrect, the API will return a 401 Unauthorized error.
Example error response for invalid client credentials:
{
"error": "access_denied",
"error_description": "Unauthorized"
}
Using your token
Now that you have a valid JWT, you'll need to include it in an Authorization header for every API request to the Cint Exchange, formatted as a bearer token.
For example: Authorization: Bearer <YOUR_JWT_TOKEN>
Now, let's create your first project on the Cint Exchange.