Authentication

The Mashery v3 API requires that the application calling the API be authenticated using access tokens.  The v3 API implements the authorization code and password flows of the OAuth 2.0 specification.  In both cases, a token can be retrieved by accessing the /v3/token endpoint.  You must have an API key and secret for the Mashery V3 API in order to call this endpoint.

Token Generation

Example token generation call:

curl -k -v -i -u <API Key for Mashery V3>:<API Secret for Mashery V3> 'https://api.mashery.com/v3/token' -d 'grant_type=password&username=<Mashery User Id>&password=<Mashery Password>&scope=<Mashery Area UUID>'

Example token generation response:

{
    "token_type": "bearer",
    "mapi": "<API Key for Mashery V3 API>",
    "access_token": "66mrpvtv4mvs6bz728nbaqmc",
    "expires_in": 3600,
    "refresh_token": "99cg9yrxqazk8nu58xsrqn2pm",
    "scope": "<Mashery Area UUID>"
}

 

Token Refresh

Example token refresh call:

curl -k -v -i -u <API Key for Mashery V3>:<API Secret for Mashery V3> 'https://api.mashery.com/v3/token' -d 'grant_type=refresh_token&refresh_token=<refresh token>'

Docs Navigation