Overview

This document explains how to authenticate with Equativ's APIs and which limits apply across these APIs.

API authentication (OAuth)

Step 1 – Create API user

To be able to authenticate, you must first create an API user in order to obtain the clientId and clientSecret. The API user setup is explained in section "API users" in Manage users and user groups.  

Step 2 – Request the access token from Equativ’s identity provider

Using the clientId and clientSecret obtained in Step 1, first request the access token from Equativ’s identity provider:

curl --request POST \
--url https://login.eqtv.io/oauth2/token \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data grant_type=client_credentials \
--data client_id={clientId} \
--data client_secret={clientSecret}

In the response, you will receive the access token, which has a time to live of 600s (10min):

{
"access_token":"<access token>",
"expires_in": 600,
"token_type": "Bearer"
}

Step 3 – Use the user token in API requests

Use the user token obtained in Step 1 in the Authorization header of all your API requests:

curl --request GET \
--url https://supply-api.eqtv.io/sites \
--header 'Authorization: Bearer <access-token>'

Global API limits

To prevent API performance issues by intended or accidental large scale operations, the API is subject to limits.

The following limits apply globally, across Equativ's APIs:

* Limits apply to UTC day, not to the last 24 hours. For example, an API request from France (UTC+2, summer time), made at 01:00 AM on a Tuesday, is counted for the Monday before, at 11:00 PM.