Authenticating for legacy user
This method of authentication is obsolete and will be deprecated. It's recommended to authenticate to the external API using the API-token acquired via MFA/SSO.
Authentication
The first step in establishing communication with the Younium API is to acquire an access token. Access tokens are issued by Younium Identity Server and are in the form of JWT tokens. To obtain the access token, make an HTTP POST to the following URL:
Sandbox: https://auth.sandbox.younium.com/connect/token
Production: https://auth.younium.com/connect/token
Acquiring a JWT access token
The following example is using Postman for sending an authentication request to the Sandbox environment.
Request Headers
Content-Type: application/x-www-form-urlencoded
Request body
grant_type: password
username: [Younium username]
password: [Password]
client_id: apiclient
scope: openid youniumapi profile
legal_entity: [legal entity name or uuid]
If the Younium tenant you're authenticating to has multiple legal entities, specify the legal entity you want to authenticate to by including the legal entity in the body:
JSON Response
If the credentials provided are valid, a successful JSON response contains:
access_token: [JWT token]
expires_in: 28800
token_type: 'Bearer'
If the the credentials provided are not valid an JSON response will be returned containing:
error: [Error message]
Making Authenticated calls to the Younium API
The access token received from a successful authentication will then be used to make authenticated calls to the Younium API.
All requests to the Younium API should have the following HTTP Headers:
Authorization: Bearer [JWT token]Content-Type: application/jsonapi-version : [version](optional)
Example of headers for a request to Younium API:
Versions
The header api-version may be set to specify which version of the api to be called. By default version 2.1 will be called.
Read more about different versions
401 unauthorized
If Authorization fails a 401 Unauthorized response will be returned.