Authentication
Make sure you have an active license & access to the API (currently invite-only)
Overview
Our API uses OAuth2 Client Credentials authentication to allow secure access for machine-to-machine interactions. This guide will help you obtain an access token and use it to authenticate requests.
Authentication Endpoint
To obtain an access token, send a POST request to the token endpoint:
POST https://sso.ecoinvent.org/realms/ecoinvent/protocol/openid-connect/tokenRequest Parameters
The request must include the following parameters in the body as application/x-www-form-urlencoded:
Parameter
Type
Description
grant_type
string
client_credentials
client_id
string
Your assigned client ID
client_secret
string
Your assigned client secret
Example Request (cURL)
curl -X POST https://sso.ecoinvent.org/realms/ecoinvent/protocol/openid-connect/token \
-d "grant_type=client_credentials" \
-d "client_id=your_client_id" \
-d "client_secret=your_client_secret" \
-H "Content-Type: application/x-www-form-urlencoded"Response
A successful request returns a JSON response containing the access token:
Using the Access Token
Include the access token in the Authorization header of your API requests:
Example Request
Token Expiry
Tokens expire after expires_in seconds (e.g., 3600 seconds = 1 hour). Request a new token when it expires.
Error Handling
If authentication fails, the API returns an error response:
Ensure that your client_id and client_secret are correct.
Security Best Practices
Keep your
client_idandclient_secretsecure.Do not expose credentials in client-side applications.
Rotate credentials periodically.
For further assistance, contact our support team.
Last updated
Was this helpful?