Documentation
Home
Start typing to search…

Authentication

In order to use Ytel’s API, integration calls must be authenticated. Depending on the API you’re using, there are two user types to authenticate with.

CPaaS API Authentication

The CPaaS API contains scoped resources invoked by end users. As such, their username and password are used when authenticating.

CCaaS API Authentication

The CCaaS API requires the use of an API user when authenticating. Use the admin interface within the Ytel Application to create your API user.

Obtaining an Access Token

In order to make an authenticated API call, an access token must be generated by making a POST call to the Authentication Token URI. When initially authenticating, user credentials are required to perform the POST call. Subsequently, a refresh token can be used to obtain a new access token when the current one expires.

User Credentials

To retrieve an access token for the first time, grantType must be set to “resource_owner_credentials”. This means the user needs to pass a username (their email) and a password in the request

Sample request body:

{
"grantType": "resource_owner_credentials", 
"username": "YOUR_USERNAME", 
"password": "YOUR_PASSWORD" 
}

Sample response:

{ 
"accessToken": "NEW_ACCESS_TOKEN", 
"refreshToken": "NEW_REFRESH_TOKEN",
"tokenType": "Bearer"
}

Refresh Token

A refresh token is valid for 24 hours and can be used to obtain new access tokens when the current one expires. The user needs to make another call to the endpoint with grantType refresh_token and pass the refresh token returned from the previous request.

Sample request body:

{
	"grantType": "refresh_token", 
	"refreshToken": "YOUR_REFRESH_TOKEN"
}

Sample response:

{
	"accessToken": "NEW_ACCESS_TOKEN", 
	"refreshToken": null,
	"tokenType": "Bearer"
}

Updated 6 months ago