Authentication
The first step to use our API is to obtain an access token. This token must be included in the Authorization header of every request. Listed below are the steps to obtain the access token and then an example of how to use the token.
Get access token from authentication server
There are two ways to obtain an access token.
Option 1: Using an account's email address and password
curl --request POST \
--url https://auth.bespokify.com/auth/realms/platform/protocol/openid-connect/token \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data 'username=<EMAIL_ADDRESS>&password=<PASSWORD>&grant_type=password&client_id=public-api'
Option 2: Using an application's client ID and secret
curl --request POST \
--url https://auth.bespokify.com/auth/realms/platform/protocol/openid-connect/token \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data 'grant_type=client_credentials&client_id=<CLIENT_ID>&client_secret=<CLIENT_SECRET>'
Example response
{
"access_token": "eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJsNDgtaHVZSkhHVTQ4Y2MtZy1nYWlSbEljdGZNVWVaM091RHJMMEZXODRVIn0.eyJqdGkiOiI1M2ZhZDU1Ni1kNWJjLTQ4ZmQtYTM5MS0xMzFiZDA0YTI",
"expires_in": 300,
"refresh_expires_in": 1800,
"refresh_token": "eyJhbGciOiJIUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICIzZDhhM2NlNi04ZjBkLTRlNjUtYWMzNy1mNjg1ZDNkNjAyZjEifQ.eyJqdGkiOiIxMTY4ZWVmMy1iMTNjLTQ1ZTktOTI4Ny1hMDk1NjVkMzQ1NTkiL",
"token_type": "bearer",
"not-before-policy": 0,
"session_state": "357665fd-6b67-4f56-9e06-f7b8142176aa",
"scope": "profile email"
}
Use the access token to authenticate with API
The access token must be included in the Authorization header of the request. Below is an example of how to do this:
curl -H "Authorization: Bearer <ACCESS_TOKEN>" https://api.bespokify.com/v2/<ENDPOINT>