The API uses access tokens to control access and authenticate requests. An access token should be included in all the API requests to any endpoint, in an authorization header as -
Authorization: Bearer <YOUR_ACCESS_TOKEN> 

To generate an access token, you must first contact us to receive an API secret. The API secret is fixed for a given company and thus we strongly recommend you to keep it confidential. Once you have the API secret, you can generate an access token by sending a POST request to this endpoint-<API_SECRET>

Please note that access tokens are short-lived and expire after a given number of seconds, indicated by the expires_in property of the generated response. Currently, the default expiry duration is 2592000 seconds (30 days). If a request is attempted with an expired access token, the response will be a '401 Not Authorized'.

Did this answer your question?