...
Session tokens expire after 60 minutes, for security reasons this cannot be changed. A refresh token can be used in order to allow clients to continue to have a valid access token without further interaction with the user.
Cloud Appointments API requires authentication, to obtain access clients need to have an access token . This is accomplished by utilizing the standard OAuth2 Client Credentials flow. To obtain an access token you must first have a ClientID and a ClientSecret in place, which your QMATIC representative will provide you with.
Access Permissions
To achieve fine grained access control, your access token needs to be decorated with a set of scopes. The scopes are requested when an access token is requested. The table below describes the different scopes that are supported and can be requested, provided to client.
...