Authenticating for legacy user

This method of authentication is obsolete and will be deprecated. It's recommended to authenticate to the external API using the API-token acquired via MFA/SSO.


The first step in establishing communication with the Younium API is to acquire an access token. Access tokens are issued by Younium Identity Server and are in the form of JWT tokens. To obtain the access token, make an HTTP POST to the following URL:



Acquiring a JWT access token

The following example is using Postman for sending an authentication request to the Sandbox environment.

Request Headers

Content-Type: application/x-www-form-urlencoded


Request body

grant_type: password
username:   [Younium username]
password:   [Password]
client_id:  apiclient
scope: openid youniumapi profile
legal_entity: [legal entity name or uuid]

If the Younium tenant you're authenticating to has multiple legal entities, specify the legal entity you want to authenticate to by including the legal entity in the body:


JSON Response

If the credentials provided are valid, a successful JSON response contains:

access_token: [JWT token]
expires_in: 28800
token_type: 'Bearer'

If the the credentials provided are not valid an JSON response will be returned containing:

error: [Error message]

Making Authenticated calls to the Younium API

The access token received from a successful authentication will then be used to make authenticated calls to the Younium API.

All requests to the Younium API should have the following HTTP Headers:

Authorization: Bearer [JWT token]
Content-Type: application/json
api-version : [version] (optional)

Example of headers for a request to Younium API:



The header api-version may be set to specify which version of the api to be called. By default version 2.1 will be called.

Read more about different versions

401 unauthorized

If Authorization fails a 401 Unauthorized response will be returned.