Table of Contents |
---|
OAuth2
Cloud Appointments API uses OAuth 2.0 for authentication and authorization. Use your client credentials to call Cloud Appointment's Identity server in order to to receive a session token, with which you are able to include as a bearer token for all requests to the API Interfaces.
Expiration
Session tokens expire after 60 minutes, for security reasons this cannot be changed. A refresh token can be used in order to allow clients to continue to have a valid access token without further interaction with the user.
Cloud Appointments API requires authentication, to obtain access clients need to have an access token . This is accomplished by utilizing the standard OAuth2 Client Credentials flow. To obtain an access token you must first have a ClientID and a ClientSecret in place, which your QMATIC representative will provide you with.
...
{
"access_token":"...",
"expires_in":3600,
"token_type":"Bearer"
}
The default expiration for an access token is set to 1 hour which means that a new access token
need to be refreshed every hour.