Enhanced Authentication

Spectrum's new version of authentication is based on the OAuth client credentials flow. Upon a successful call it will return the user an access token which can then be used as a bearer token authentication header in future calls to the Spectrum API. The following explains the new endpoints available.

Note: The enhanced authentication feature must be enabled in the Data Exchange Installation screen first in order to use this functionality.

 

/connect/token

Required fields: (see OAuth documentation for more information)

  • client_id: found in Data Exchange installation screen.

  • client_secret: found in Data Exchange installation screen.

  • scope: spectrumapi

  • grant_type:client_credentials

Returns: (see OAuth documentation for more information)

  • access_token: Is used to call Spectrum API as an Authentication bearer token.

  • expires_in: timespan that the bearer token is valid for.

  • token_type: Bearer

  • scope: spectrumapi

Example:

 

/secretRotation

Required fields:

  • client_id: found in Data Exchange installation screen.

  • client_secret: found in Data Exchange installation screen.

  • scope: spectrumapi

  • grant_type:client_credentials

Returns:

  • client _secret: Updated secret that can be used to pull a bearer token.

  • estimated_expiration: Estimated expiration date based on current Spectrum settings.

Example: