OAuth 2.0 authentication

Achieve more secure API authentication with OAuth 2.0 access tokens.

Access tokens are short lived. Typically, they will only last one hour. This is done to keep your data (and ours) safer.

In exchanging credentials, you'll get a long string called an access token. This access token will serve as your bearer token in the authorization header of API calls.

Find your credentials in the Sinch Customer Dashboard.

There are two pieces of information needed to obtain an access token: the key ID and key secret corresponding to your project ID.

To get an access token, do the following:

  1. Login to the Sinch Client Dashboard to get your access keys .
  2. Click on Create Access Key and when prompted, enter a display name, then click Confirm .
    Does it have to be a new key?

    Not at all. If you have existing credentials saved, feel free to use them.

  3. A Key ID and Key Secret will display. Save the project ID, key ID, and key secret someplace safe.
    Important:

    The key secret is only viewable at the time of initial creation.

    If you accidentally misplace they key secret, no worries! Create a new key.

  4. Using the following curl command, get your access token using the key ID and key secret.
    Copy
    Copied
    curl https://auth.sinch.com/oauth2/token \
    -d grant_type=client_credentials \
    -u YOUR_Key_ID:YOUR_Key_Secret
  5. You'll see your new access token in the response. Now you're ready to use this token on calls to the API. The access token will be useable for one hour.
Short lived

The access token is meant to be short lived for enhanced security. Generate one as often as it is necessary.

Examples

This example will get the latest sent faxes using the Fax API. Replace all relevant parameters with your credential (including the curly braces {}). Note that you'll also need your project ID, which is found in the Customer Dashboard.

Copy
Copied
curl -i -X GET \
'https://fax.api.sinch.com/v1/projects/{YOUR_projectId}/fax' \
  -H 'Authorization: Bearer {YOUR_access_token} ' \
  -H 'Content-Type: application/json' \
We'd love to hear from you!
Rate this content:
Still have a question?
 
Ask the community.