Authentication

Most API requests require authentication. BitBar supports authentication with an API key and access token.

Important Update: API Authentication

To align with our security framework enhancements, we will be discontinuing support for OAuth 2.0 password grant type. As a result, API calls using this method will trigger an authorization exception. We strongly advise our clients using OAuth 2.0 password grant type to transition to the API key method to ensure uninterrupted service. Guidance is available in our documentation to facilitate this transition.

API key

An API key is a secret token that you can find in your BitBar account settings:

  • Select > My Account in the top right corner.

  • Click the API tile in the My Integrations panel.

    Viewing an API key
curl -u <api-key>: https://cloud.bitbar.com/api/me

You can later re-generate the API key to invalidate old scripts. To do this, click Reset API key, and then click Save.

Reset API key

OAuth 2.0

OAuth 2.0 is an authorization method used to provide access to resources over the HTTP protocol.

Start a new session

curl -X POST https://cloud.bitbar.com/oauth/token -d 'client_id=testdroid-cloud-api&grant_type=password&username=EMAIL&password=PASSWORD'

Response body

{
    "access_token":"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "token_type":"bearer",
    "refresh_token":"yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyyyy",
    "expires_in":1799,
    "scope":"read write"
}

Refresh an existing session

curl -X POST https://cloud.bitbar.com/oauth/token -d 'client_id=testdroid-cloud-api&grant_type=refresh_token&refresh_token=REFRESH_TOKEN'

Response body

{
    "access_token":"zzzzzzzz-zzzz-zzzz-zzzz-zzzzzzzzzzzz",
    "token_type":"bearer",
    "refresh_token":"yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyyyy",
    "expires_in":1799,
    "scope":"read write"
}

Use an access token

curl "https://cloud.bitbar.com/api/me?access_token=ACCESS_TOKEN"

See Also

Publication date: