Authentication
The Mashery v3 API requires that the application calling the API be authenticated using access tokens. The v3 API implements the authorization code and password flows of the OAuth 2.0 specification. In both cases, a token can be retrieved by accessing the /v3/token endpoint. You must have an API key and secret for the Mashery V3 API in order to call this endpoint.
Token Generation
Example token generation call:
curl -k -v -i -u <API Key for Mashery V3>:<API Secret for Mashery V3> 'https://api.mashery.com/v3/token' -d 'grant_type=password&username=<Mashery User Id>&password=<Mashery Password>&scope=<Mashery Area UUID>'
Example token generation response:
{
"token_type": "bearer",
"mapi": "<API Key for Mashery V3 API>",
"access_token": "66mrpvtv4mvs6bz728nbaqmc",
"expires_in": 3600,
"refresh_token": "99cg9yrxqazk8nu58xsrqn2pm",
"scope": "<Mashery Area UUID>"
}
Token Refresh
Example token refresh call:
curl -k -v -i -u <API Key for Mashery V3>:<API Secret for Mashery V3> 'https://api.mashery.com/v3/token' -d 'grant_type=refresh_token&refresh_token=<refresh token>'
Docs Navigation
- API Documentation Portal
- IO Docs Definition
- Mashery API Documentation
- Mashery 3.0 API Guide
- Mashery 2.0 API Guide
- OAuth Supporting Methods
- Examples
- JSON RPC
- Authentication
- API Objects
- Fetching Objects
- Query Language
- Creating Objects
- Updating Objects
- Validating Fields
- Deleting Objects
- Applications
- General Object Methods
- Members
- Packages
- Plans
- Package Keys
- Keys
- Developer Classes
- Services
- Roles
- Mashery 2.0 Reporting API Guide
- Event Trigger API
- Differences between Roles and Portal Access Groups
- Managing a Portal Access Group Using Mashery V2 or V3 API
- Mashery Reporting Event Post API Guide
- Tips and Tricks
- Your Portal
- API Traffic Manager
- I/O Docs WSDL requirements