Maestro
Developers
Use the APIs

Maestro API authentication

Overview Global API limits Supported APIs Before you start Step 1: Request an access token Step 2: Call the APIs

Overview

This article describes authentication for the Maestro APIs.

To access these APIs, you must authenticate using the OAuth 2.0 Client Credentials flow. You will need a client ID and client secret to request a short-lived bearer token.

Global API limits

The global rate limit is 60 requests per API user per minute.

Supported APIs

The following APIs use this authentication method:

Activation (Campaigns) API
Deals (Auction Package) API
Reporting API

Legacy authentication

Some existing Maestro API users still authenticate using the legacy Auth0 Community flow (access token and user token). New API users must use OAuth 2.0 Client Credentials authentication.

A deprecation timeline for the legacy authentication flow will be announced once migration is complete.

Before you start

Create an API user to obtain a client ID and client secret. For more information, see Create and manage API users.

Step 1: Request an access token

Request a short-lived bearer token from the Equativ identity provider:

curl --request POST \
  --url https://login.eqtv.io/oauth2/token \
  --header 'Content-Type: application/x-www-form-urlencoded' \
  --data grant_type=client_credentials \
  --data client_id={clientId} \
  --data client_secret={clientSecret}

Example response:

{
  "access_token": "<access token>",
  "expires_in": 600,
  "token_type": "Bearer"
}

The token time to live (TTL) is 600 seconds (10 minutes). Renew your token when it expires.

Step 2: Call the APIs

Pass the bearer token in the Authorization header:

curl --request GET \
  --url https://demand-api.eqtv.io/deals \
  --header 'Authorization: Bearer <access_token>'