Authentication

Overview

Our API uses OAuth2 Client Credentials authentication to allow secure access for machine-to-machine interactions. This guide will help you obtain an access token and use it to authenticate requests.

Authentication Endpoint

To obtain an access token, send a POST request to the token endpoint:

POST https://sso.ecoinvent.org/realms/ecoinvent/protocol/openid-connect/token

Request Parameters

The request must include the following parameters in the body as application/x-www-form-urlencoded:

| Parameter | Type | Description |
|---|---|---|
| grant_type | string | client_credentials |
| client_id | string | Your assigned client ID |
| client_secret | string | Your assigned client secret |

You can find your client_id and client_secret here

Example Request (cURL)

curl -X POST https://sso.ecoinvent.org/realms/ecoinvent/protocol/openid-connect/token \
     -d "grant_type=client_credentials" \
     -d "client_id=your_client_id" \
     -d "client_secret=your_client_secret" \
     -H "Content-Type: application/x-www-form-urlencoded"

Response

A successful request returns a JSON response containing the access token:

{
    "access_token": "your_access_token",
    "expires_in": 3600,
    "token_type": "Bearer",
    "not-before-policy": 0,
    "session_state": "9ee34d1b-1f9d-4019-bac8-11c32eaff894"
}

Make sure your request headers include Content-Type: application/x-www-form-urlencoded

Using the Access Token

Include the access token in the Authorization header of your API requests:

Example Request

curl -X GET https://api.ecoinvent.org/v0/versions \
     -H "Authorization: Bearer your_access_token"

Token Expiry

Tokens expire after expires_in seconds (e.g., 3600 seconds = 1 hour). Request a new token when it expires.

Error Handling

If authentication fails, the API returns an error response:

{
    "error": "invalid_client",
    "error_description": "Invalid client or Invalid client credentials"
}

Ensure that your client_id and client_secret are correct.

Security Best Practices

  • Keep your client_id and client_secret secure.

  • Do not expose credentials in client-side applications.

  • Rotate credentials periodically.
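The flow described above as an added example, not part of the original documentation: a small Python client that reads the credentials from environment variables, reuses the token until shortly before expires_in elapses, and raises on an invalid_client response. The names TokenCache, post_form, AuthError and from_env, the variables ECOINVENT_CLIENT_ID and ECOINVENT_CLIENT_SECRET, and the 30-second refresh margin are assumptions made for this example.

```python
import json, os, time
import urllib.error, urllib.parse, urllib.request

TOKEN_URL = "https://sso.ecoinvent.org/realms/ecoinvent/protocol/openid-connect/token"

class AuthError(Exception):
    """No token issued; the message holds only the server's error fields."""

def post_form(url, fields):
    """POST fields as application/x-www-form-urlencoded; return (status, parsed JSON)."""
    req = urllib.request.Request(
        url, data=urllib.parse.urlencode(fields).encode(),
        headers={"Content-Type": "application/x-www-form-urlencoded"})
    try:
        with urllib.request.urlopen(req, timeout=10) as resp:
            return resp.status, json.load(resp)
    except urllib.error.HTTPError as err:  # e.g. invalid_client
        try:
            return err.code, json.loads(err.read())
        except ValueError:  # error page that is not JSON
            return err.code, {}

class TokenCache:
    """Fetches a token once and reuses it until shortly before it expires."""
    def __init__(self, client_id, client_secret, post=post_form,
                 clock=time.monotonic, margin=30):
        self._creds = {"grant_type": "client_credentials",
                       "client_id": client_id, "client_secret": client_secret}
        self._post, self._clock, self._margin = post, clock, margin
        self._token, self._expires_at = None, 0.0

    def token(self):
        if self._token is None or self._clock() >= self._expires_at:
            status, body = self._post(TOKEN_URL, self._creds)
            if status != 200 or "access_token" not in body:
                raise AuthError(f"{status} {body.get('error')}: "
                                f"{body.get('error_description')}")
            self._token = body["access_token"]
            lifetime = int(body.get("expires_in", 0))
            self._expires_at = self._clock() + max(0, lifetime - self._margin)
        return self._token

    def auth_header(self):
        return {"Authorization": f"Bearer {self.token()}"}

def from_env(**kwargs):
    """Build a cache from environment variables (names are assumptions)."""
    return TokenCache(os.environ["ECOINVENT_CLIENT_ID"],
                      os.environ["ECOINVENT_CLIENT_SECRET"], **kwargs)
```

Pass the result of from_env().auth_header() as the headers of each API request; the token endpoint is contacted only when the cached token is missing or about to expire.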

For further assistance, contact our support team.
