Company Authentication
To utilize the company authenticated API, a specific user will be assigned to you. You will need to use the OAuth2 flow to authenticate your API requests.
OAuth2 Overview
OAuth2 is a widely adopted standard for managing authentication for APIs. It involves the use of an access_token to make API calls and a refresh_token to obtain a new access_token when the current one expires. The expiration of these tokens helps mitigate security risks in the event of token theft.
First-time Login
To perform the initial login with the credentials provided, follow these steps:
- Navigate to the authorization URL:
  Production: https://cents-api.auth.eu-west-1.amazoncognito.com/oauth2/authorize?client_id=51jaa1t8nvjsckbqns00p53ii1&response_type=code&scope=openid&redirect_uri=https%3A%2F%2Fapi.centsdonations.com%2Fv1%2Fpub%2Fcompany%2Fstart
  SIT: https://cents-api-sit.auth.eu-west-1.amazoncognito.com/oauth2/authorize?client_id=51jaa1t8nvjsckbqns00p53ii1&response_type=code&scope=openid&redirect_uri=https%3A%2F%2Fapi.centsdonations.com%2Fv1%2Fpub%2Fcompany%2Fstart
- This will lead you to a login page where you will enter your credentials.
- Upon successful login, you will receive your initial tokens. Store these tokens securely, as they are part of the standard OAuth2 response.
Accessing the API
To access the API, use the id_token received during the login process. Pass this token in the Authorization header of your API requests using the "Bearer" scheme. For example: Authorization: Bearer id_token
Refreshing Tokens
When your access_token or id_token expires, you can use the refresh_token to obtain new tokens. Execute the following cURL command to refresh your tokens:
Production:
curl -X POST \
  https://cents-api.auth.eu-west-1.amazoncognito.com/oauth2/token \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'grant_type=refresh_token&client_id=51jaa1t8nvjsckbqns00p53ii1&refresh_token=REFRESH_TOKEN&redirect_uri=https%3A%2F%2Fapi.centsdonations.com%2Fv1%2Fpub%2Fcompany%2Fstart'
SIT:
curl -X POST \
  https://cents-api-sit.auth.eu-west-1.amazoncognito.com/oauth2/token \
  -H 'Content-Type: application/x-www-form-urlencoded' \
  -d 'grant_type=refresh_token&client_id=51jaa1t8nvjsckbqns00p53ii1&refresh_token=REFRESH_TOKEN&redirect_uri=https%3A%2F%2Fapi.centsdonations.com%2Fv1%2Fpub%2Fcompany%2Fstart'
Replace REFRESH_TOKEN with your actual refresh token.
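An added example, not part of the original page or the API's own code: Python helpers that decide when an id_token is due for refresh, build the same refresh POST as the cURL command with the refresh token URL-encoded, and store the result in an owner-only file. The function names, the 60-second margin and the token file are assumptions; the endpoints, client_id and redirect_uri are the ones shown on this page.

```python
import base64, json, os, time, urllib.parse, urllib.request

# Values copied from this page; the constant and function names are assumptions.
TOKEN_URLS = {
    "production": "https://cents-api.auth.eu-west-1.amazoncognito.com/oauth2/token",
    "sit": "https://cents-api-sit.auth.eu-west-1.amazoncognito.com/oauth2/token",
}
CLIENT_ID = "51jaa1t8nvjsckbqns00p53ii1"
REDIRECT_URI = "https://api.centsdonations.com/v1/pub/company/start"


def jwt_exp(token):
    """Read the exp claim from a JWT payload. No signature check is done:
    this is only for scheduling a refresh, never for trusting the token."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return int(json.loads(base64.urlsafe_b64decode(payload))["exp"])


def needs_refresh(token, now=None, skew=60):
    """True when the token expires within `skew` seconds (assumed margin)."""
    now = time.time() if now is None else now
    return jwt_exp(token) - now <= skew


def build_refresh_request(env, refresh_token):
    """Same POST as the page's cURL command; urlencode escapes the token."""
    body = urllib.parse.urlencode({
        "grant_type": "refresh_token",
        "client_id": CLIENT_ID,
        "refresh_token": refresh_token,
        "redirect_uri": REDIRECT_URI,
    }).encode()
    return urllib.request.Request(
        TOKEN_URLS[env], data=body, method="POST",
        headers={"Content-Type": "application/x-www-form-urlencoded"})


def save_tokens(path, old, new):
    """Merge and store tokens in a file only the owner can read. A refresh
    response may omit refresh_token, so the previous one is kept."""
    merged = {**old, **new}
    fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    with os.fdopen(fd, "w") as fh:
        json.dump(merged, fh)
    os.chmod(path, 0o600)  # also tighten a file that already existed
    return merged
```

Send the request with urllib.request.urlopen(build_refresh_request("production", refresh_token)) and pass the parsed JSON response to save_tokens as `new`.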
Additional Resources
For further reading and detailed guides on OAuth2 and token management, refer to the following resources: