Authentication
The Pax8 API authenticate requests using OAuth 2.0. You'll be given a client_id and a client_secret to authenticate with the API. Once you have these, you'll need to request a token that can be used when making API requests.
Access Tokens retrieved will have a time to live of one day. You should not need to request a new access token before every request.
NOTE: Although we keep referring to HTTP standards, the literal syntax of all requests to the API must use HTTPS. API requests NOT made through HTTPS will fail.
For Partners
Once you request your initial API keys via the Pax8 app, your API keys provide full access to ordering functionality, so use caution and don't paste them in cleartext to source code, customer code, or shared spaces.
Make sure to use anaudience of api://p8p.client when getting a token.
For Vendors
Obtain your Client Id and Client Secret from your Pax8 Contact.
Generate a token. Replace <client_id> and <client_secret> in the example below with your credentials
Make sure to use an audience of api://provisioning when getting a token to use with provisioning endpoints. Conversely, make sure to use an audience of api://usage when requesting a token to use with usage endpoints
Example
Make sure to substitute in your client_id, client_secret and appropriate audience when creating access tokens:
curl --request POST
--url https://token-manager.pax8.com/auth/token \
--header 'content-type: application/json' \
--data '{"clientId":"<client_id>","clientSecret":"<client_secret>", "audience":"api://provisioning","grantType":"client_credentials"}'
Token endpoint response example:
{
"token": "<your-token>",
"scope": "vendor:provisioning",
"expiresIn": 86400,
"tokenType": "Bearer",
"expiresAt": "2023-03-16T21:41:55.673+00:00"
}
- Use the token to call the API. Replace
<token>in the example below with your token
curl --request GET
--url https://api.pax8.com/v2/provision-requests \
--header 'content-type: application/json' \
--header 'Authorization: Bearer <token>'
Updated 3 months ago